[Sussex] BBC Video Downloads

Nico Kadel-Garcia nkadel at gmail.com
Wed Feb 14 09:42:26 UTC 2007 

Jacqui Caren wrote:
> Nico Kadel-Garcia wrote:
>> This week. But take a careful look at where it's headed: Brian 
>> LaMacchia, who is one of the core authors of the technology, at his 
>> MIT presentation on it when it was called Palladium, indicated that 
>> there's a real security desire to control the BIOS and boot devices. 
>> It's even extensible with the existing standards to control media 
>> devices such as DVD drives or USB memory sticks: 
>
> Encrypting motherboard bus lines is insane for home applications.
> Even mil spec devices do not require this level of encryption.
> The only people who befit from bus/interface encryption/singing
> are the RIAA.
What? The intended keys are on the devices themselves devices: the boot 
loader needs a registered signature, the hard drive  or DVD has a 
registered key required to access the device, etc. The point is to get 
signaures and authentication, not encryption of data after that.

> Anyone who has used HP mainframes will know where this comes from.
> In the bad ol' days you had to buy a HP certified drive - the 
> controllers in a HP box would only talk to drives "signed" by HP.
> Other third party drives would not ever appear!
Oh, yes. that sort of stunt. I wasn't thinking about that, but yes, iti 
becomes more likely with Trusted Computing management of hardware.

> A recent foray into diesel injector technology shows that this is not
> just a problem with IT systems. Common rail fuel injectors are very 
> simple but now each injector has a chip embedded with the main purpose
> of requiring a main dealer to recode your engine management unit if you
> change an injector. An injector used to cost X UKP but now costs XUKP 
> + Y UKP for re-coding and Y >> X, forcing you to use main dealers for 
> service work, cutting small garages and parts resellers out of the loop.
> Chips in high temp parts of the engine such as injectors simply do not
> make good design sense, with some designs already showing high
> failure rates.
Printer cartridges: there have been lawsuits about this with various 
printer companies refusing to allow other companies to duplicate hte 
chips for their cartridges.

More information about the Sussex mailing list