[Gllug] [OT] CF card mp3 players?
Mike Brodbelt
mike at coruscant.demon.co.uk
Sun Oct 17 14:30:32 UTC 2004
On Fri, 2004-10-15 at 15:46, Richard Jones wrote:
> But how is this region "locked"?
Hardware in the SD card allows access to this area only when
"appropriate" external devices are detected, according the the SD
website. I take this to mean it works a bit like CSS on DVDs, in that an
"appropriate device" is one that can present the correct cryptographic
authentication. I'd guess that's why no open drivers - to manufacture a
device that's allowed to talk to the protected area, you need a key
provided by the SD association, which you then build into your player
hardware or driver software. Doubtless getting such a key is contingent
on signing an appropriate NDA, and promising not to build any hardware
that can do things the copyright cartel wouldn't like.
> Surely to decrypt the track you've
> got to read the encrypted track and the key, and presumably the SD
> card itself doesn't have any decryption technology on it, so that
> means it must be the connecting device which reads the key ... in
> which case you've got no security. Is the reason that SD drivers must
> be closed source mere security-through-obscurity?
Basically, I think so, yes. That's what CSS was based on too - it only
worked as long as none of the manufacturer keys were compromised. As
soon as one was, breaking the rest of it became straightforward
(admittedly they'd also used a bad algorith implementation, IIRR).
There's an overview at http://www.sdcard.org/sd_memorycard/index.html
which may be worht a quick look. There are also patent problems with
some elements of SD/SDIO, I think.
Mike.
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list