Domain: macfergus.com
Stories and comments across the archive that link to macfergus.com.
Comments · 14
-
Re:It simply doesn't matter...
Yes, HDCP is broken. It was broken quite some time ago by Niels Ferguson (a well known cryptographer).
-
When FREE SPEECH and DMCA Collide
Another point of view. Censorship in action
...Suppose a US citizen works for a firearms manufacturer in the US, making guns. One of those guns turns up here in Amsterdam and is used to commit a crime. This person takes a holiday over here in Europe, and is arrested for violating the Dutch firearms laws because he helped manufacture the gun in the US... -
Neils Ferguson - seems to know his stuff
I sent Neils an invitation to respond to this thread. Don't know if he'll get it, but I found his website on Google (put down that chair Steve....take deep breaths)
Anyhow - he seems quite smart enough to do what the BBC article mentions, but after reading his site a bit, I think the guy would have a real problem if asked to code a backdoor. He seems to be ethical.
Tin hat conspiracy weavers would say that unbeknownst to Neils, who is a front, that there is yet another team coding the backdoor.
And yet, as long as you use a OS that will not release its' source code, suspicions will always lurk about something.
-
Reminds me of a link from an earlier /. posting
http://www.macfergus.com/niels/dmca/cia.html
How there is some huge security hole in hdcp. I really don't think we have much to worry about, as people will break this, publish the results, and we can get all the movies pirated.
I'd much rather download movies and have the risk of being caught then paying a ton of money for movies that won't even play at full resolution on the computer I already own. -
Re:I really hope...There was also a recent article (i forget the url) by someone who claimed to have cracked HDCP. As i recall it was along the lines of comparing the outputs from 10 dvd players/tvs to determine the master key. He never released the information for fear of DMCA, but if someone was to repeat it you could see black market type dongles.
Possibly this is the article you mean. Its more about freedom of speech rather than about HDCP as such, but an interesting read.
-
HDCP
HDCP protection you say? Good thing it's already been broken (albeit anonymously). Coming new to you, DRM'd speakers, and your very own set of ContentProtection ((TM)) eyelids!
-
Re:That's okay...Circular defense.The whole system needs change so that people don't have to take out such defensive measures.
I just finished reading Practical Cryptographyby Niels Ferguson and Bruce Schneier, and in the back there is a brief chapter about software patents. These comments are in a crypto book, but are addressed to software patents in general.
Among the choice comments are:- Our current patent system is completely out of control. At best, patents are a necessary evil. At worst, they are an entirely legal form of fraud and blackmail.
- We think that the IT industry would be better off without patents than with patents.
- [t]he current system is simply not working.
- The patent system won't be fixed, because there is simply no political gain to be made in this aread.
Sad, but there you go.
BTW, the book is truly outstanding, and fills a huge gap in the literature of crypto: watch this space... -
Link to the official specification
Check this out. It's the home page for Digital Content Protection, LLC -- the folks who administer the HDCP protocol licensing system. At this site you'll find HDCP's specifications, upstream protocol, license agreements, reseller agreements, etc.
Of interest, also, may be Niels Ferguson's paper in which he details the cryptographic weaknesses in HDCP. Unfortunately, he won't publish the document due to fears of being prosecuted under the US DMCA. -
HDCP is lame
It will be cracked in short order and be about as usefull as CSS is for the DVD format.
Check out Niels Ferguson's Censorship in action: why I don't publish my HDCP results -
Bill of Rights
Just to make sure I have this straight, the DMCA can be straightforwardly interpreted to violate both freedom of expression (e.g. this story, previously a Slashdot headline) and due process (this story).
Other than that, it can easily be interpreted in a manner which violates fair use and other non-Bill of Rights concepts which most people tend to think are Good Things.
It allows exemptions to some people (e.g. public libraries) for some things, leaving it to the judgment of those people, while leaving nothing to the judgment of the majority of the people.
It uses such specific language that only encryption research is exempted, while researchers into other methods of "technological measures used by copyright owners to protect their works" may not publish their work for fear of prosecution by any party that could theoretically be involved (company that created the measure, company that might purchase that measure, anyone who owns a copyright of soemthing on the medium in question, and so on).
Is there anything worthwhile in this law that wasn't around before? It seems that at least the titles concerning the WIPO treaties tend to counter rights that we should have in the US, according to previously existing documents, if not to most people who live here.
-
Well, the threat served it purpose
They shot a warning and the scientific community, threatening people to discuss their findings. We had a nice story here yesterday about Niels Ferguson (formerly at Digicash, his homepage, btw, can be found here). So for them it was a step in the right direction. The problem is way more fundamental, going hand in hand with the full disclosure discussion that goes on today. People will find security flaws and, if you do not publish them, "Blackhats", people doing this for BUSINESS, will exploit them. If you disclose your findings and help the organizations (because, no matter what you say, somebody who owns the rights for content should have the right to protect it) to find a reasonable level of security enabling them to maintain their business, you help the companies. And this is a good thing. Alternative models might work in some places (Shareware, donations, voluntary work) but not in all cases. And people want to pay their bills, raise their kids and send them to school. If you think that is wrong, then we might want to start a new discussion on capitalism vs. communism vs. marxism and other models.
-
Re:The Complete Document
The Complete Document can be found here:
http://www.macfergus.com/niels/dmca/index.
h tmlVery good stuff. Too bad they didn't link it in the story.
Yes, this is informative. But this is helpful.
Very good stuff. Too bad you didn't link it in your post.
-
Re:Crap.How about making your link clickable, eh?
http://www.macfergus.com/niels/dmca/index.html
There ya go. Sheesh. -
Essay by FergusonHere is where Ferguson explains his position.
This is a very good essay. It does an excellent job of explaining the problem with the DMCA succinctly, and in a manner than anyone can understand. I'm going to keep this link and use it whenever I want to explain the problem with the DMCA to someone non-technical.