Re: Whatever happened to Microsoft's DRM plan?

Home	Messages Index

[Date Prev]	[Date Next]	[Thread Prev]	[Thread Next]

Author Index	Date Index	Thread Index

Re: Whatever happened to Microsoft's DRM plan?

Subject: Re: Whatever happened to Microsoft's DRM plan?
From: Homer <usenet@xxxxxxxxxx>
Date: Sat, 28 Jun 2008 17:28:47 +0100
Bytes: 4047
Cancel-lock: sha1:dKOKTXuHFN5fLCNwBWv30KEOVbw=
In-reply-to: <ZJr9k.6429$1I.1542@xxxxxxxxxxxxxxxxxxxxxx>
Newsgroups: comp.os.linux.advocacy, comp.sys.mac.advocacy
Openpgp: id=BF436EC9; url=http://slated.org/files/GPG-KEY-SLATED.asc
Organization: Slated.org
References: <068439a7-0aaf-4c74-80fa-8f09ccebc6f8@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> <1y1n6s2alw8q4$.dlg@xxxxxxxxxxxxxxx> <FNOdne6PhLjWp_jVnZ2dnUVZ_tzinZ2d@xxxxxxxxxxxx> <1wk8b6n6e9pir.dlg@xxxxxxxxxxxxxxx> <ZJr9k.6429$1I.1542@xxxxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.8.1.14) Gecko/20080501 Fedora/2.0.0.14-1.fc8 Thunderbird/2.0.0.14 Mnenhy/0.7.5.666
Xref: ellandroad.demon.co.uk comp.os.linux.advocacy:657251

Verily I say unto thee, that Linonut spake thusly:
> * Erik Funkenbusch peremptorily fired off this memo:

>> Yep.  All the TPM chip is is a hardware repository for encryption 
>> keys.

Oh dear, I thought it was only your protégé Smith who feigned obtuseness
to obfuscate the truth. Here's the part you missed:

[quote]
Remote attestation allows changes to the user's computer to be detected
by authorized parties. For examples, software companies can avoid users
tampering with their software to circumvent technological protection
measures.
[/quote]

http://en.wikipedia.org/wiki/Trusted_computing#Remote_attestation

This is an abuse of technology that violates consumers' fair-use rights,
that might (for example) be used to prevent making (or subsequently
using) backup copies of purchased media. IOW this is DRM.

>> For example, it's hard to have a fully encrypted hard drive without
>> something like a TPM (otherwise you have to carry keys on a USB 
>> drive or CD or something similar)
> 
> Isn't the latter kind of what you'd want to do anyway, to keep the 
> machine safe when you're not around?

I would imagine it's easier to access (and subsequently hack) keys
stored on a standard mass storage device than a TPM, but I suppose that
depends on the hacker and his tools. Of course the upside to using
removable storage is that the hacker must first /find/ and steal that
device (in addition to the machine being hacked) before he can proceed.

In either case, there's always cold-boot attacks:

[quote]
Generally, pushing the security down to the hardware level in
conjunction with software provides more protection than a software-only
solution that is more easily compromised by an attacker. However even
where a TPM is used, the key is still vulnerable while a software
application that has obtained it from the TPM is using it to perform
encryption/decryption operations, as has been illustrated in the case of
a cold boot attack.
[/quote]

http://en.wikipedia.org/wiki/Trusted_Platform_Module

-- 
K.
http://slated.org

.----
| "Stallman has frequently pointed out, Free Software is by no means
| antithetical to making money: it's just a question of how you make
| money." ~ Glyn Moody: http://tinyurl.com/4wn2l2 (ComputerworldUK)
`----

Fedora release 8 (Werewolf) on sky, running kernel 2.6.23.8-63.fc8
 17:28:21 up 190 days, 14:03,  2 users,  load average: 0.05, 0.05, 0.06

[Date Prev]	[Date Next]	[Thread Prev]	[Thread Next]

Author Index	Date Index	Thread Index