Nobody likes getting ripped off, and I’m no exception. I search the web from time to time to see who’s copying my stuff, and it’s always a little disheartening.

This week I ran a check to see who was copying my 20-year old LZW Compression article. Mind you, I’m not talking about isolated quotes taken without attribution; for the most part I’m looking for people who have posted a wholesale copy of the article – a complete rip-off. Looking through the top 25 hits yields some interesting statistics:

• About 30% of the people who copy my work are University faculty. The assign the article as reading for a class, and instead of simply posting a link, they scrape the article off the web and post a private copy.
• Another 40% are people who are blatantly plagiarizing – they’ve incorporated my work into a paper or thesis. Unfortunately for them Google now crawls PDF and PostScript files, which makes detection pretty easy
• The remainder are blogging programmers who, for some reason, delight in taking my article and posting it on their site, reformatted and unattributed, but often with my name and contact information still intact

Taking Action

Finding these rip-off artists is easy, but getting the stolen material removed from the web is another matter. In the cases where I can clearly identify a person who owns the site, I usually start with a friendly email. Maybe 25% of the time this works, but the typical response is dead silence.

When the informal methods fail, the next step is the formal takedown notice. In the United States, web publishers enjoy protection from claims of copyright infringement under the Online Copyright Infringement Liability Limitation Act if they register a copyright agent who handles complaints, and if they respond to those complaints in a timely fashion.

This means that a site like Blogger.com, owned by Google, provides a formal mechanism for handling notices. When I can’t find a link to an abuse agent, I use the WHOIS database to find the hosting service, and send an email to their address. This generally works pretty well. For example, Scribd responded to my requests within a matter of hours, and generally assumes that my complaints are legitimate unless the poster of the material puts up a decent defense.

Things aren’t always so simple though. Just as an example, CiteSeer, a very popular database of academic publishing, has a cached copy of a stolen article that their crawler found. In their FAQ, under the question “How can I remove a copy of my article from your database?”, they give this unhelpful tidbit:

Papers within CiteSeerX corpus are crawled from the web. The only reason a papers of yours is in the CiteSeerX database is because it was/is available from the web.

No kidding. And this helps me remove your illegal copy how?

The Tough Cases

With enough perserverance, I’m usually able to remove a large percentage of the illegal copies. But some problems remain intractable. Overseas servers in countries where English is not widely spoken are particularly difficult. I could certainly sue Baidu.com in Federal Court, but I have a feeling that wouldn’t get me very far.

Even when I don’t succeed, there is some entertainment value in the excuses. Today I got an email from a gentleman in India who incorporated my work in a paper published in a peer-reviewed article. He told me that he would work on taking it out, but right now he is busy taking care of his mother, who is in poor health. He hopes I will be patient.

Patient I will remain. Not like I have a choice.

Not understanding some basic rules of mathematics or logic can be a problem if you are a computer programmer. It can stand in the way of a good solution to a problem, or worse yet, can cause you to spend a lot of time working on a dead end.

In the case of New Zealand developer Philip Whitley, not understanding the Pigeonhole Principle led to a $NZ 5.3M fine, and up to five years in jail.

Compression Scam

For roughly the past ten years or so, Whitley had been raising money to fund a company that was to use his revolutionary data compression algorithm. This algorithm purported to be able to compress every file by 92.5%.

Readers of this space know quite well that it is provably impossible to compress every file. And anyone with some experience in data compression knows that the notion that all files could be compressed by a large, fixed amount is patently ludicrous.

But to the man on the street, this sort of thing isn’t entirely obvious, and that fact allowed Whitley to raise millions from investors in New Zealand.

Fortunately, the prosecutors didn’t have to hang their case on testimony from academics about abstract mathematical proofs – Whitley lied to his investors about having patented the technology, and that was enough for the Kiwi Serious Fraud Office to garner a conviction.

Not the First, Not the Last

Whitley isn’t the first compression con artist, and he won’t be the last. A few years back I served as a witness for a man who ran afoul of the US Department of Justice for a similar compression scheme. His work resulted in substantial losses for a number of people, as disparate as a dentist from my suburban home of Plano, Texas, and Swiss musician of note Deiter Meier. Neither the defendant nor his victims had much knowledge of algorithmic law in that case, either.

What does this mean to us? Well, the next time you hear someone arguing that a CS degree doesn’t do the average programmer any good, you might remember that at a minimum it can help keep you out of jail. Surely that’s worth something.

My email address shows up in a lot of public places, including domain registration records, hundreds of USENET posts, magazine articles, and various web sites. As a result, it has been harvested by every spammer known to mankind, and I get a lot of bad email.

This includes more than just spam. I show up as the return address in tons of virus attacks. I have a Gmail filter that automatically trashes email that looks like this:

***********************
—————— Virus Warning Message (from gemini4.ieee.org)

Found virus Possible_VBSDrpr in file private.hta
The file is deleted.

If you have questions, contact virus-admin@ieee.org

***********************

Hi!!!!! You haven’t been writing for a long time. I began to worry) Where have you been? You remember, you’ve asked a progy from me? I’ve finally found it, so here it is. Check it out if this is what you’ve been looking for… bye

In this case, some bot sent a virus-laden email with my return address. The server that caught the virus sent a response back to me, foolishly trusting the fake return address. These bogus rejections account for more than 50% of my trash folder!

Like all of you, I also get a lot of phishing email, messages of various levels of sophistication designed to look as though they originate from legitimate businesses. However, instead of connecting their trusting victims to a legitimate business partner, they instead route them to bogus web sites where crooks can harvest their credit card numbers, user ids, PINs, and passwords.

Today I got one that takes the concept to a new level:

Dear American National Bank of Texas Member ,

Due to the recent phishing attacks targeting American National Bank of Texas we are currently launchinga new security system that will improve the level of member service we can provide to you.

To update please call Customer Service to : 989-785-XXXX

To complete update please enter you 16 digits card number , expiration date and 4 digits PIN after the bip and we will return your call in the next 24 h .

Failure to authenticate your account may result in account malfunction, slow online experience or your account will be SUSPENDED .

To enhance the security when accessing your on-line accounts, American National Bank of Texas has implemented an additional layer to our on-line security system.

You may be requested to answer security questions in order to complete your log in to American National Bank of Texas Online Banking.

Please do not reply to this message. For any inquiries, contact Member Service.

Copyright © 2007 American National Bank of Texas. All rights reserved.

This looks like any other phishing message, (including a number of endearing malapropisms,) but in an attempt to carve out a new layer of legitimacy, these evildoers are using a voice response system to try to grab a credit card number and PIN. They’ve got a phone number that has a legitimate Michigan area code, and the usual brazen email approach.

However, once you complete the call, the heavy foreign accent really ruins the effect. Given the pretense that this is a bank in Texas, I expect either a cowboy twang or a flat, professional, midwest business voice. Instead I get a vaguely central Asian-sounding young male, not exactly the type to engender trust in an anonymous credit card transaction. Listen up and see what you think.

Incredible video compression claims are a morbid fascination of mine – usually it’s obvious that the claims are going to go down in flames, and it’s just a matter of watching for the inevitable disaster. I’m using the term incredible in its literal sense, a synonym for unbelievable, which comes in to play when somebody comes out of nowhere to say they can improve the state of the art by a factor of 10:1.

So when I saw this press release from CipherFlux, I couldn’t help having that same feeling of “here we go again”. CipherFlux seems to be saying that they can pull off a roughly a 6:1 improvement over the best quality DivX encoding, a feat that would have to be considered remarkable.

Interestingly, I found that CipherFlux’s founder Jerzy Urbanik, was very happy to talk with me about what his team has been working on. Since this is blog format, and we don’t suffer from space constraints, I’ll go ahead and give you the bulk of our Q&A.

Interview

The following is the transcript of an email interview with Jerzy Urbanik, President and founder of CipherFlux:

Mark: Your company seems to specialize in optimized security algorithms. How did you get sidetracked into video coding?

Jerzy: We founded CipherFlux with one premise: we decided to challenge the concerns of speed in the field of cryptology, and at the beginning that was our primary area of research. One day, while having a video conference, one of our engineers said: “Well, it would be nice if we could apply our method to improve the quality of video transmission”. “Why not” I said. That is how it all started.

Most of us have interdiscipilinary knowledge which helped us with finding solutions in areas that are seemingly isolated, video compression and cryptology. Traditionally these fields were developed separately because the problems they examined were very different and the techniques they used appeared unrelated. Recently there is a growing consent among the research community that the two fields are quite closely related.

Mark: You’re claiming that you have higher quality than the best MPEG-4 type decoder (comparing to DivX) with compression ratios four times greater. What’s the secret that allows you to do this? You must be using some new techniques, right?

Jerzy: Yes we are, but at this moment we don’t want to disclose any technical details since our research relates to cryptography and this is a sensitive subject. Our technology implementation into video compression allowed us to achieve greater results and to be sure that nobody approaches compression from this angle we have kept it secret. At this point our method is totally lossless. To prove to ourselves that we are going in the right direction we used a simple 197MB video file and we compressed it down to 90KB. But that is just the beginning. There is still a lot that can be done in the area of lossless compression before we move on to lossy compression. For comparison purposes we compressed the same video using the latest version of DivX (ver. 6.22) which utilizes MPEG4 LOSSY compression. The results were impressive, of course, and to our benefit.

Mark: As far as you know, are you in danger of stepping on anyone’s patents?

Jerzy: Our method/algorithm applied to cryptology is totally unique. We did our homework and as far as we know nobody approaches video compression from that angle.

Mark: If this pans out to be as good as you claim, how do you think you will be able to commercialize it? This is the notoriously tough part of the business, turning a good algorithm into a standard that lots of people use.

Jerzy: This is a very good question. It’s true that turning any algorithm into a standard has always been an issue, especially for a new technology. But we believe that as long as the greatest hurdle for efficient data transmission is bandwidth capacity – that limits speed, size, and quality of any transferred music, voice or video file – the industry will welcome our solution when presented with a tool to overcome those limitations.

Mark: When can we expect to see some demos?

Jerzy: We estimate that demo will be available in 2007.

Analysis

So there are a couple of red flags here, not surprisingly. The first is that Jerzy takes his press release one step further by saying that his algorithm is completely lossless. To be claiming a completely lossless algorithm that bests DivX best quality by 5:1 is truly incredible, and will definitely require big-time scrutiny.

Second, the press release (as of this writing) says:

Our newest tests and the possibility of independent tests will be avaliable after July 15 2006.

In the interview, Jerzy backs off that and says 2007. I wish I could tell you how many times I’ve heard of an incredible compression technique that just “needed a little bit of tweaking” and never managed to ship.

As always, my final analysis in a case like this is extreme skepticism. But I won’t say that these claims are impossible, just incredible. The acid test for CipherFlux, just like anyone else, is to provide reproducible benchmarks using standard video tests that let us perform apples-to-apples comparisons against state-of-the-art compressors. In general, most incredible claimants never get that far. Jerzy says they will, and until then, we’ll remain skeptical but open-minded.