Dear all,

This is the first time I write to a mailing list so please consider what, on 
Sunday 18 January 2004 17:09, Alan Horkan wrote:
> I think that more developers will be attracted to the GIMP if they are
> forgiven for impatient mistakes and the over enthusiasm of beginners and
> not knowing how things work around here but are given the chance to learn.
Thanks in advance.

On Wednesday 21 January 2004 19:45, Branko Collin wrote:
> To be precise, [the annoucement] says:
> + Comments in English or in the relevant Community language
> + are invited from all interested parties by 19 December 2003
> Does that not mean the deadline was 19 December last year?
Yes, it does mean so.

However, on Wednesday 21 January 2004 15:07, Sven Neumann wrote:
> I'd like to draw the GIMP developer's attention on this Advogato
> article. It has some interesting comments and links and somehow I get
> the feeling that it would be unwise to ignore this subject:
And I agree too that this would be unwise.

As an EU citizen who has done image processing software, I belong to the 
interested parties. I therefore sent my own comments on Thursday 22 January 
2004, forwarded FYI below. Joao S. O. Bueno will find in my comments 
interesting informations about the "non-printable add-ons" on the Euro notes.

The other reason why I think the deadline is not too important is that the ECB 
replied and made interesting comments about their proposal. It was written in 
their signature that "[their reply was] intended only for [my] use" so I do 
not want to reveal any of it until they give me their authorisation.

I did not tell a lot in my comments about the damage such a legislation could 
have on Open Source. I believe the group of EU GIMP developers or the FSF 
Europe could do that better, though haste is needed, for the deadline has 
indeed passed.

Yours sincerly
Damien Allain

----------  Forwarded Message  ----------

Subject: possible legislation on the incorporation of counterfeit deterrence 
technology in image processing sofware
Date: Thu, 22 Jan 2004 15:02:08 +0000

Dear all,

Please excuse my late reply.

I would like to comment on the possible impact of such legislation on any
developped image processing software product and any software used in the
developpement of such image processing software, as invited by your
annoucement in the Official Journal of the European Union of the 24.10.2003

One of the role of the CBCDG is to assess and limit the risk of possible
conterfeiting. One of the risk of counterfeiting is the possible use of image
reproduction hardware, such as scanners and printers, combined with the use
of image processing hardware and software, such as any personnal computer
equipped with image processing software.

It is written in your consultation announcement :
"The CBCDG has developed counterfeit deterrence technology which is currently
available for use by equipment or software manufacturers free of charge."
The possible legislation would make compulsory to incorporate this technology
in image processing hardware or software.
The aim is to make it impossible for the average citizen, equipped with a
scanner, a personnal computer and a printer, to reproduce bank notes.

My first point is that fake notes produced in such a way even with the
printers of today are just gross. They do not pass the basic security
features checks as shown on :
Even a blind person would feel such fakes and recognise a piece of limp or
waxy printed paper, without the feel of the relief of the intaglio printing,
just strangely the size of well known bank note. It is true that blind people
are usually better at feeling than visually able people. But then a visually
able person would hold the banknote up against the light and see a bad
watermark, if any, a bad security thread, if any, and a poor see-through
register. If a visually able person does not hold the banknote up against the
light, he will tilt it and, instead of the beautifull, colourfull and bright
hologram with the image and the value numeral, will see some dull printed
representation of it. Either way, a visually able person would not only
reject it like the blind person, he might even attack the counterfeiter or
his accomplice with either his own hands or with the law enforcement
institutions of the area.

Good campaigning about the security features, as was so well done by the ECB
in 2001 and 2002, just makes it very unsafe for the average citizen to turn
to currency counterfeiting. The ECB will then keep safe from imbeciles doing
so by keeping on the good campaigning and training work.

The real danger comes from professional counterfeiters who use personnal
 image reproduction hardware and software to counterfeit bank notes with less
 effort. My second point is that not only counterfeits produced in such a way
 are still easily recognizable because of the poor representation of the
 security features but also such counterfeiters could make their own image
 processing software and bypass counterfeit deterrence technology.

As you will see on my attached curriculum vitae, I have myself been trained
 in making image processing software with the help of the generous research
 and education founds of the EC (by the way, thanks a lot :-). I find it easy
 and I see many ways to do it.
- It can be done by modifying widely available image processing software.
- If such image processing software was equipped with counterfeit deterrence
technology, it could also be done by using a widely available image
processing software library.
- If such image processing software library was equipped with counterfeit
deterrence technology, it could also be done by making another image
processing software library that would not be equipped with counterfeit
deterrence technology. I have already done such libraries with a bit of
reverse engineering. I made the code with a programming language called C++
and I used a compiler to make an executable file from the code.
So now the case would be to equip all software that allows the production or
running of other software, hereinafter compilers and interpreters, with a
module that would equip all new software with counterfeit deterrence
technology. Not only we are now running into the chicken and egg problem but
also I believe it is a very difficult thing to do even for the talented
people who have made your counterfeit deterrence technology. One problem
would be that the list of such compiler/interpreter is long : all Pascal,
Fortran, C, C++, java, PERL and the like compilers (there is about one
thousand version for each language and there is only about twenty of such
programming languages) and all sh, Basic, javascript and the like
interpreters (there is only about one hundred version for each language but
there is about one hundred of such programming languages). Another problem
would be how to spread such technology so that it would be incorporated into
every copy of every version of the programmes previously mentionned. I am
sure to limit all the software technology like that is just not feasable.

The impact of such legislation could be even harmfull to the software world
and to the portion of the economy related to it, with little or no deterrence
effect for counterfeiters.

The best solution is the good old way of security features that can not be
reproduced properly.
The ECB has been good at outpacing the technology available to conterfeiters
with the finest features on the current euro notes :
- patterns
- double-side printing, with see-through registers
- ink colours and textures
and with easy to recognise, non-printable features, like :
- watermarks (by the way, why not coloured watermarks ?)
- embedded artefacts, like security threads
- fancy hologrammes
- UV features

The ECB will keep safe from criminals, stupid or clever, only by keeping on
the good work of campaigning, training and outpacing the people.

Damien Allain


Gimp-developer mailing list

Reply via email to