Meet the kid behind the DVD hack
January 31, 2000
by J.S. Kelly
(IDG) -- On Monday, January 24, authorities in Norway searched the home of Jon Johansen, a 16-year-old Norwegian member of the Masters of Reverse Engineering (MoRE) -- the group which created the DeCSS DVD playback utility for Linux. Jon and his father Per Johansen have both been indicted by Norway's Department of Economic Crime.
LinuxWorld talked to Jon about DeCSS, the investigation, the controversy -- and about why he feels that this case is at the same time so ridiculous and so important.
LinuxWorld: How did this whole thing start? How did you get involved with DVD and DeCSS?
Jon Johansen: Well, I got involved with DVD about two years ago. I bought my first DVD-ROM and an MPEG-2 decoder card. And, about at the end of September last year, I got in contact with a German computer programmer and a Dutch computer programmer, and we decided that it was time to add DVD support to Linux -- and, of course, to other operating systems, such as FreeBSD.
LinuxWorld: Had you expected any problems like this when you set about to make the player?
Jon Johansen: We knew that they would probably go after someone. But when [Norwegian authorities] visited me yesterday with a search warrant, I really hadn't expected them to, because it's been about two or three months now since [the subject] first appeared in the media and, well, to me, that's a pretty long time.
LinuxWorld: You removed the code from your Webpages when they asked you to, and have been cooperating with what they have asked of you, is that right?
Jon Johansen: Actually, I was only linking [to the source code] and they wanted me to remove the link -- which I did, so that I could think it over. And then the link appeared again on my Website at the end of the week.
LinuxWorld: Did they question you at your house?
Jon Johansen: No. They took me to the local police station. But my father was sick, so they questioned him here at home.
LinuxWorld: But they just took you in for questioning -- they didn't arrest you or anything like that?
Jon Johansen: Well, the biggest Norwegian newspaper regarded this as an arrest, since they hadn't told us that they were coming and they brought me in. So the biggest Norwegian newspaper looked upon that as an arrest.
LinuxWorld: But did they give you a choice to not go in for questioning?
Jon Johansen: Well, of course I do have the right to have an attorney present. So I [could have] told them that I did not want to do it without an attorney, [and] they would have had to call my attorney and schedule an appointment.
LinuxWorld: And you didn't do that.
Jon Johansen: No, I didn't do that.
Jon Johansen: Basically, because I didn't have anything to hide. So I decided to cooperate.
LinuxWorld: The code that you wrote -- now, is it called DeCSS or is it CSS-auth?
Jon Johansen: It's called DeCSS.
LinuxWorld: OK. Because I've seen conflicting media reports on that, and other things. Like, some say that you are 15, others say you are 16.
Jon Johansen: I'm 16 now, I was 15 when it happened ... and the encryption code wasn't in fact written by me, but written by the German member. There seems to be a bit of confusion about that part.
LinuxWorld: The other two people that you had worked with to make the player are remaining anonymous -- is that right?
Jon Johansen: Yes, that is correct.
LinuxWorld: Do you think they will try to find out who they are from the data on your computer?
Jon Johansen: Yes, probably. They also asked what I knew about them. But I don't have the identity of any of them. I only had the nicks that they used on Internet Relay Chat.
LinuxWorld: And did you give those up?
Jon Johansen: Well, lately they have been changing nicks from time to time. So I gave one of the nicks they had used before.
LinuxWorld: Do you know why they want to remain anonymous?
Jon Johansen: They are both a lot older than me, and they are employed. So I guess they just didn't want the publicity, and they were perhaps afraid of getting fired.
LinuxWorld: And why is your father involved in this?
Jon Johansen: Basically because he owns the domain [at which] my Webpages were located.
LinuxWorld: And how do your parents feel about this whole thing?
Jon Johansen: They consider it [to be] just as stupid as I do. The charge is totally off-topic. It doesn't have anything to do with reality.
LinuxWorld: Do you know why they took your cell phone?
Jon Johansen: I asked them why, and they said that they considered it to be so advanced that they had to take it in, because it was a Nokia 91-10. And I did have, in fact, a backup of the source on it.
LinuxWorld: And do you know what is going to happen next?
Jon Johansen: They are currently investigating, and I still haven't received my computers back. So I have ordered a new one today, which I will be receiving on Friday. Which is a bit too late, because ABC News is coming tomorrow, and I was supposed to demonstrate DVD playback under Linux. So I'm going to call some people now and try to get hold of a computer with a DVD-ROM and get Linux installed on it.
LinuxWorld: So, can DeCSS in fact in any way be used for pirating? I mean, I realize that isn't the purpose for which it was written.
Jon Johansen: Well, yes, it can be used for pirating. Because you can decrypt a DVD disk and put it on your hard drive and then you can convert it, say, to VCD and then post it on the Internet. But tools to do that had already been available on the Internet, long before DeCSS, which was also a complete digital solution which gave you the same quality. So DeCSS didn't introduce anything new for pirating and had already been available.
LinuxWorld: So why do you think they are going after you, and not the authors of the other tools?
Jon Johansen: Well, the authors of the other tools are, as far as I know, anonymous. And [in] the charge, they say that the encryption is copy protection. But that's not correct at all. Anyone with a little computer experience knows that anything can be copied bit-by-bit with the right equipment.
LinuxWorld: And the authors of the other tools didn't break the encryption? Those previous tools had been written for the Windows platform, is that right?
Jon Johansen: Yes. There was one tool, I think it was called DVD-rip, which I believe actually hacked in to the Xing DVD player and then, when the Xing DVD player had decrypted the MPEG stream, the DVD-rip utility dumped that stream to disk and you had yourself an unencrypted DVD movie.
LinuxWorld: Well, it seems then all the more that they should be going after those other authors.
Jon Johansen: I guess it is because those other tools haven't received any media attention. But perhaps they don't even know about them -- but I would think that they do, because they are not that stupid.
LinuxWorld: Why did you decide to come forward and to not to remain anonymous?
Jon Johansen: We discussed it in the group and they thought it was OK, and I think the first reporter I talked to was from Wired. I think it was Declan [McCullugh], and he asked me if he could publish my name, and since we had already talked it over in MoRE, I said yes.
LinuxWorld: Are you sorry now that you did?
Jon Johansen: Not really, because I think the fight we are now fighting is a very important fight for free speech and for the open source community.
LinuxWorld: Why is it so important?
Jon Johansen: Basically, if reverse engineering is banned, then a lot of the open source community is doomed to fail. Because [you need to reverse-engineer] when creating software for compatibility with, for example, Microsoft Windows. For example, Samba was totally dependant on reverse engineering. Of course, the whole computer industry was allowed to reverse-engineer IBM's BIOS.
LinuxWorld: What was your reaction to the injunctions in the US?
Jon Johansen: I was a bit surprised, but then I read about how EFF [the Electronic Frontier Foundation] had presented the defense. And, if what I read on Slashdot about that was true, then I don't understand how exactly EFF could have argued that way.
Jon Johansen: Well, what I read on Slashdot was that they basically said that the encryption was bad, and it was kind of their fault. And I don't understand why they used those arguments.
LinuxWorld: What kind of arguments would you have expected, or what kind of arguments do you think might have been better?
Jon Johansen: I would have expected for them to try to explain to the court that this had nothing to do with copying, because encryption does not prevent copying -- which the DVD CCA [Copy Control Association] and MPAA are claiming. And everybody knows that even if something is encrypted you can still copy it if the reading of the data goes through decryption.
LinuxWorld: At the hearing I attended, the defense did argue that the DVD encryption was flawed. At the same hearing, the plaintiffs had some really, some pretty strong feelings about the way people have been acting when they repost the code. Do you know about that?
Jon Johansen: I did actually read on Slashdot where the plaintiffs had actually read from Slashdot debates.
LinuxWorld: Exactly. And they picked out only the ones which were saying things like "fuck the law." And so they picked those out on purpose and they said, "Look at these people. They don't want to play back movies. They are saying 'fuck the law.'" So do you have anything to say to people about that?
Jon Johansen: Well, that's really sad that they can't behave, because they should have known that the plaintiffs would have used something like that against us. They should stop doing things like that and help inform the media that this has nothing to do with copying but [rather has to do with] with playback.
LinuxWorld: How best can people help to do that?
Jon Johansen: Well, first of all they could head over to OpenDVD.org, and see what's written there, and then perhaps call or email their local media, and inform them about the case.
LinuxWorld: Thanks, Jon, for talking to us. We wish you the best of luck.
Norwegian teen raided by police in DVD suit
RELATED IDG.net STORIES:
Free speech or DVD piracy?
|Back to the top||
© 2001 Cable News Network. All Rights Reserved.|
Terms under which this service is provided to you.
Read our privacy guidelines.