[Sussex] BBC Video Downloads

Steve Dobson steve at dobson.org
Sat Feb 10 03:23:00 UTC 2007 

Nico

On Thu, Feb 08, 2007 at 03:44:35PM +0000, Nico Kadel-Garcia wrote:
> Steve Dobson wrote:
> >DRM is basicly an encryption technology.  And the first rule of encryption
> >is that you've got to keep your secret keys secret.  DRM doesn't do this,
> >everyone uses the same keys.  I think it was Blu-Ray that was recently
> >cracked by someone just who was walked through the memory dump of the
> >player software taken when it was playing a disk.  Because the key was in 
> >the memory image somewhere it found it.
> >  
> I suggest that you take a good, hard look at "Trusted Computing".

I am aware of "Trusted Computing" but I will admit that I haven't read
the specs myself.  

>                                                                    Keys 
> can be stolen, but they're also designed to be expired or revoked. And 
> by building it in at the CPU level, and in other hardware, it's possible 
> to prevent hard drives from being accessed without the keys, which are 
> far more properly managed and protected than most such tools.

While a key can expire or be revoked that does not stop them working.  The
software you run may decided not to allow you to use it but that doesn't
mean that the software I use enforces that policy.

> And remember who will be managing the keys: Microsoft, with inevitable 
> cooperation with federal agencies who admit the need for encryption in 
> the modern world, but absolutely want access to to the master keys. Be 
> very nervous about this material, formerly called "Palladium". I was at 
> the presentation by Brian LaMacchia where Richard Stallman reared up on 
> his hind legs and started pointing out clearly abusive features built 
> right into it, inherent in ihts design.

Palladium, Treacherous Computing (TC), call it what you will, I agree
that it is an abusive technology.  But it is there for the needs of the
entertainment industry which want to deliver their content to your
desktop in a secure manure.  An industry that is worth something like
$10 billion per annum.

But the IT industry is worth $100 billion per annum and I would suggest
that most of that money is not spent by the home user that wants to watch
the latest Hollywood blockbuster on this PC.  That suggests to me that 
there is a market of hardware that doesn't provide TC if it can be made
cheaper that hardware that does.

Does the One Laptop Per Child system support TC?  I bet it doesn't, yet
Microsoft is porting some version of Windows to it.  Why?  Because the
market that OLPC is going after is huge and Microsoft want a slice of it.

I also think that TC will be a problem because of the anti-trust pain
it could cause Microsoft.  In the Vista blog Dave Marsh responded to
Peter Gutmann worry on the ability to write open-source drivers thus:

   Q: Do things such as HFS (Hardware Functionality Scan) affect the
      ability of the open-source community to write a driver?

   A: No.  HFS uses additional chip characteristics other than those
      needed to write a driver.  HFS requirements should not prevent
      the disclosure of all the information needed to write drivers.

This also makes good economic sense.  Intel, IBM, HP and AMD who were
also part of the Trusted Computing Group, with Microsoft I am sure would
not want to sacrifice their Linux business if they didn't have to.  

Steve
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://mailman.lug.org.uk/pipermail/sussex/attachments/20070210/74a0c523/attachment.pgp

More information about the Sussex mailing list