On Wednesday 21 January 2004 13:07, Sven Neumann wrote:

Hi,

I'd like to draw the GIMP developer's attention on this Advogato article. It has some interesting comments and links and somehow I get the feeling that it would be unwise to ignore this subject:

http://advogato.org/article/742.html

What is especially worrying me is that there seems to exist a proposal for EU legislation to require devices and software to include counterfeit deterrence technology:

http://www.ecb.int/pub/legal/c_25520031024en00080008.pdf

This document explicitely asks for comments and IMO it would be a good idea to prepare such a comment. We could do this as the GIMP developers or try to corporate with the FSF Europe.

Sven

A good point to focus this discussion seens to be pointing the Central Bank to the direction of including non-printable add-ons to currency, like holograms or other things. Our (Brazil's) latest bank note already have got an holographic strip on it, and ...it would be quite hard to reproduce that in the GIMP. :-)
The idea of installing anti-counterfeit protection in any imaging device is similar to the one discussed for some time about the so called "analog hole" - in which the movie and audio industries try to address anti-copying tecnologies even on analog devices such as VCRs.

Perfect nonsense, since the ones most interested in counterfeiting would just have to make a deal with a manufacturer in China, or other country with similar capabilities to get his hardware without such protection. In the case of software, it is even easier: all a conterfeiter would have to do would be to develop his own, in house software - which could be a little harder if all existing Open Source libraries related to graphics were forbidden, but not impossible. Spammers already do that.

On the other hand, this very same idea threatens the very soul of Free Software, or Open Source. It is just not feasible., as it is plain obvious.

The pdf pointed to by Sven however asks for a comment that could be well constructed together with FSF Europe, showing these and other facts.

JS
->

On 21 Jan 2004, at 16:07, Sven Neumann wrote:

http://www.ecb.int/pub/legal/c_25520031024en00080008.pdf

This document explicitely asks for comments and IMO it would be a good idea to prepare such a comment. We could do this as the GIMP developers or try to corporate with the FSF Europe.

To be precise, it says:

+ Comments in English or in the relevant Community language + are invited from all interested parties by 19 December 2003

Does that not mean the deadline was 19 December last year?

On 21 Jan 2004, Sven Neumann wrote:

What is especially worrying me is that there seems to exist a proposal for EU legislation to require devices and software to include counterfeit deterrence technology:

http://www.ecb.int/pub/legal/c_25520031024en00080008.pdf

This document explicitely asks for comments and IMO it would be a good idea to prepare such a comment. We could do this as the GIMP developers or try to corporate with the FSF Europe.

Yes, I think it would be best to do it as a joint GIMP/FSF Europe comment. I would include something akin to the following:

* GIMP is a popular image-manipulation program that is used in many different applications, such as web design.

* Should legislation be enacted requiring currency detection, GIMP would effectively be outlawed from the European Union, since, due to its open source nature, it is trivial to modify it to skip the currency detection step.

* The legislation would not have its desired effect anyway, since it is not significantly more difficult for a dedicated individual to modify a closed-source program to skip the currency detection. Once a program is modified once, it is trivial for instructions on how to modify the program to be spread to others.

* There are many legitimate and legal uses for images of currency. FSF Europe and the GIMP developers are greatly opposed to any measure that would restrict the freedom of expression of the citizens of European Union member nations.

It would then of course be signed by all the GIMPers who are members of the EU.

Rockwalrus

On Wed, 2004-01-21 at 20:45, Branko Collin wrote:

To be precise, it says:

+ Comments in English or in the relevant Community language + are invited from all interested parties by 19 December 2003

Does that not mean the deadline was 19 December last year?

It appears so, yes.

./Brix

Dear all,

This is the first time I write to a mailing list so please consider what, on Sunday 18 January 2004 17:09, Alan Horkan wrote:

I think that more developers will be attracted to the GIMP if they are forgiven for impatient mistakes and the over enthusiasm of beginners and not knowing how things work around here but are given the chance to learn.

Thanks in advance.

On Wednesday 21 January 2004 19:45, Branko Collin wrote:

To be precise, [the annoucement] says:

+ Comments in English or in the relevant Community language + are invited from all interested parties by 19 December 2003

Does that not mean the deadline was 19 December last year?

Yes, it does mean so.

However, on Wednesday 21 January 2004 15:07, Sven Neumann wrote:

I'd like to draw the GIMP developer's attention on this Advogato article. It has some interesting comments and links and somehow I get the feeling that it would be unwise to ignore this subject:

And I agree too that this would be unwise.

As an EU citizen who has done image processing software, I belong to the interested parties. I therefore sent my own comments on Thursday 22 January 2004, forwarded FYI below. Joao S. O. Bueno will find in my comments interesting informations about the "non-printable add-ons" on the Euro notes.

The other reason why I think the deadline is not too important is that the ECB replied and made interesting comments about their proposal. It was written in their signature that "[their reply was] intended only for [my] use" so I do not want to reveal any of it until they give me their authorisation.

I did not tell a lot in my comments about the damage such a legislation could have on Open Source. I believe the group of EU GIMP developers or the FSF Europe could do that better, though haste is needed, for the deadline has indeed passed.

Yours sincerly
Damien Allain

---------- Forwarded Message ----------

Subject: possible legislation on the incorporation of counterfeit deterrence technology in image processing sofware Date: Thu, 22 Jan 2004 15:02:08 +0000 To: cac@ecb.int

Dear all,

Please excuse my late reply.

I would like to comment on the possible impact of such legislation on any developped image processing software product and any software used in the developpement of such image processing software, as invited by your annoucement in the Official Journal of the European Union of the 24.10.2003

One of the role of the CBCDG is to assess and limit the risk of possible conterfeiting. One of the risk of counterfeiting is the possible use of image reproduction hardware, such as scanners and printers, combined with the use of image processing hardware and software, such as any personnal computer equipped with image processing software.

It is written in your consultation announcement : "The CBCDG has developed counterfeit deterrence technology which is currently available for use by equipment or software manufacturers free of charge." The possible legislation would make compulsory to incorporate this technology in image processing hardware or software. The aim is to make it impossible for the average citizen, equipped with a scanner, a personnal computer and a printer, to reproduce bank notes.

My first point is that fake notes produced in such a way even with the printers of today are just gross. They do not pass the basic security features checks as shown on :
http://www.ecb.int/change/banknotessecurityfeatures.pdf Even a blind person would feel such fakes and recognise a piece of limp or waxy printed paper, without the feel of the relief of the intaglio printing, just strangely the size of well known bank note. It is true that blind people are usually better at feeling than visually able people. But then a visually able person would hold the banknote up against the light and see a bad watermark, if any, a bad security thread, if any, and a poor see-through register. If a visually able person does not hold the banknote up against the light, he will tilt it and, instead of the beautifull, colourfull and bright hologram with the image and the value numeral, will see some dull printed representation of it. Either way, a visually able person would not only reject it like the blind person, he might even attack the counterfeiter or his accomplice with either his own hands or with the law enforcement institutions of the area.

Good campaigning about the security features, as was so well done by the ECB in 2001 and 2002, just makes it very unsafe for the average citizen to turn to currency counterfeiting. The ECB will then keep safe from imbeciles doing so by keeping on the good campaigning and training work.

The real danger comes from professional counterfeiters who use personnal image reproduction hardware and software to counterfeit bank notes with less effort. My second point is that not only counterfeits produced in such a way are still easily recognizable because of the poor representation of the security features but also such counterfeiters could make their own image processing software and bypass counterfeit deterrence technology.

As you will see on my attached curriculum vitae, I have myself been trained in making image processing software with the help of the generous research and education founds of the EC (by the way, thanks a lot :-). I find it easy and I see many ways to do it.
- It can be done by modifying widely available image processing software. - If such image processing software was equipped with counterfeit deterrence technology, it could also be done by using a widely available image processing software library.
- If such image processing software library was equipped with counterfeit deterrence technology, it could also be done by making another image processing software library that would not be equipped with counterfeit deterrence technology. I have already done such libraries with a bit of reverse engineering. I made the code with a programming language called C++ and I used a compiler to make an executable file from the code. So now the case would be to equip all software that allows the production or running of other software, hereinafter compilers and interpreters, with a module that would equip all new software with counterfeit deterrence technology. Not only we are now running into the chicken and egg problem but also I believe it is a very difficult thing to do even for the talented people who have made your counterfeit deterrence technology. One problem would be that the list of such compiler/interpreter is long : all Pascal, Fortran, C, C++, java, PERL and the like compilers (there is about one thousand version for each language and there is only about twenty of such programming languages) and all sh, Basic, javascript and the like interpreters (there is only about one hundred version for each language but there is about one hundred of such programming languages). Another problem would be how to spread such technology so that it would be incorporated into every copy of every version of the programmes previously mentionned. I am sure to limit all the software technology like that is just not feasable.

The impact of such legislation could be even harmfull to the software world and to the portion of the economy related to it, with little or no deterrence effect for counterfeiters.

The best solution is the good old way of security features that can not be reproduced properly.
The ECB has been good at outpacing the technology available to conterfeiters with the finest features on the current euro notes : - patterns
- double-side printing, with see-through registers - ink colours and textures
and with easy to recognise, non-printable features, like : - watermarks (by the way, why not coloured watermarks ?) - embedded artefacts, like security threads - fancy hologrammes
- UV features

The ECB will keep safe from criminals, stupid or clever, only by keeping on the good work of campaigning, training and outpacing the people.

Damien Allain

-------------------------------------------------------