Slashdot Mirror
Andre Hedrick On Hard Drive Copy Protection
How voluntary is voluntary?
by squiggleslash
Is making the CPRM spec a feature that can be turned off truly making it voluntary, given that presumably some content will not be supplied to users who fail to leave CPRM enabled? Would it not end up being as "optional" as DVD CSS encyption and non-zero region encoding?
Andre:
SHALL != MAY :: REQUIRED == OPTIONAL
Because no one in the industry wants to be caught out of sync, it has been a running joke that "OPTIONAL" is the same as "REQUIRED"....
HOWEVER, the case of CPRM got a laugh that it could be the first "OPTIONAL" feature that would remain truly "OPTIONAL"! We all laughed around the room.
DVD CSS is in the world of MMC/SCSI, I can not comment.
Choices...
by cnladd
I apologize for the open-endedness of this question, but I have to ask it anyways. :)
If this copy protection were to become mandatory, I can definately imagine the effects that it would cause. But what effects - both long and short term - do you feel this would cause?
Andre:
Sorry, I do not feel anything! If you wish to know what I THINK, then I will answer the question. The very nature of asking people how they feel about an issue allows one to wrap it in fuzzy language, and this is how we got into this mess. So THINK DAMN-IT do not FEEL, this is silicon and not flesh!
Think about all the software you own for backup -- WORTHLESS in a CPRM environment. OPEN wallets!!!!
Ever had a morning where you were not kissed and told "I love you," when the night before you SCREWED so wildly that you could not remember?
GOOD MORNING!!!!
How to defeat it?
by sulli
If this is forced through the industry, how would one write a DeCSS-like tool to defeat it? Is it in some way bypassable in software?
Andre:
Unlike DeCSS that has media with seed keys that can not be updated, ATA devices (not ATAPI) can be updated as old keys are hacked.
After creating my proposal, it was deemed too complex to use, thus the only way I would withdraw it was to use the simple rules of Word0 Bits 6/7 to define FIXED/REMOVABLE as the boundary.
Thus it appears that I have agreed to drop the no longer needed enable/disable CPRM feature set, because ATA-Devices supporting Word0 Bit6 set to ONE are not going to be allowed to have CPRM support!
Thus we may have finally won the removal of CPRM from your HARD DRIVE!!
WOOHOO WOOHOO WOOHOO WOOHOO WOOHOO WOOHOO!!!!!!!
Now your REMOVABLE ATA - that looks like it is going to be still bound to CPRM rules. Compact FLASH, IBM MicroDrives, Sony Mem-Stick.... Things that are defined as "MEDIA" and not FIXED!
Better solution?
by RareHeintz
The hard-drive copy protection scheme seems to me to be yet another attempt (in the vein of DVD/CSS, DPMI, etc.) to maintain a legal structure (that of multinational corporations with scarcity-based proprietary information models) with a technical fix. On /., it may be taken as an article of faith that such efforts are doomed - smart people solve legal problems with lawyers, and technical problems with technology, and know the difference.
My question, though, stems from the fact that (like it or not) software companies are within their rights to get paid for software they write, and to set up their own price structure, and to prosecute those who steal their software.
So the question is: If this misguided idea of hardware-based copy protection gets successfully scuttled (and I hope it does), what better solution might there be for proprietary-model software companies that has the benefit of providing them superior protection from pirates without screwing the rest of the world out of the benefits of the currently open hardware model, such as "fair use" under copyright law?
My US$.02: Coming up with such a "third way" solution could go a long way toward killing media-based copy protection - give them an out, and they might take it.
Andre:
Media serial number command proposal (e00163r0) by Microsoft, and for the record they are the good guys this time! Ths proposal has more uses than what it is listed. It also used this stuff that is already in the market that you do not know about but use, SURPRISE!!!! (I was also surprised).
This new command could be used a seed for encrypting content, but before you go NUTS - This command is only reporting sections of the IDENTIFY page command. NOT TO WORRY, 30 (thirty) minutes and the HACK to disable it is complete......
It has uses more valuable to Linux than what it is presented as... Imagine that you want automatic hotswap to de/re-register the device, this command is passive and thus will not hang a system....THINK before you COMPLAIN, because I agree technically with the command, and see no harm from it that cannot be undone.
How does 4C justify their position?
by plover
What is 4C's reponse to "why don't you push for enforcement of the current copyright laws instead of an unpopular techno "fix" that will be thwarted upon release?" How do they justify their position?
Andre:
Most likely the law passed 2 years ago that provides and supports copyright encryption. Ask John Gilmore of the EFF. I think they are doing that with this model.
(Politics) If people will get off their butts and follow what their government is dumping on the country, you would be able to prevent this from ever coming to life.
Re:How does 4C justify their position?
by Snowfox
How does the 4C justify their position to the consumer? How is this in the consumer's best interest?
Andre:
Don't you what to download the movies you would not pay 7-10 bucks to see at the theater, in exchange for screwing up your computer? Boycott Hollywood and all movies, and see them crumble, is a counter-attack.
I'm still confused
by HuskyDog
I gain the impression that compliant (presumably closed source) software encrypts data as it flows on and off the drive using keys which are specific to each drive. So, if the file is moved to a different drive it won't decrypt any longer? Have I got the right idea? If so, its only applicable to those prepared to run closed source software, right?
Andre:
BINGO! Give that DOG a DOOLY from the FAIR! (GOOD MORNING!!!!, again)
Enforcement on Open Source platforms
by TWX_
How can copy protection of data be maintained on hard disks and other media if the operating system has the ability to use partition types that encrypt? Wouldn't a layer in an OS kernel be able to circumvent a good portion of the measures if the data does not reach the drive in its original form?
Andre:
No, the DIRTY work is done in USER-SPACE and the file is written down with standard commands now. The XOR calculations originally proposed for the drive would have made the DRIVE do the DIRTY work.
Is this already approved for SCSI and Firewire?
by VValdo
Last week we read that a copy-control scheme similar or identical to CPRM has been already approved for SCSI and Firewire (without objection...probably because no one knew about it.)
First off, is it true? Secondly, why hadn't we heard about this before? Can we expect this technology to be built into all new SCSI and Firwire hardware, or is "optional" there too?
Andre:
It is my impression that the game is over there, but join T10 and raise HELL!
What can we do to help you?
by rho
This proposal is a tragedy to personal liberties and freedoms (and rates pretty high on the Suck-o-Meter), and your efforts thus far are admirable.
So, I want to know, what can we do to help? Letter writing, calls, faxes? Stand around and go "Brrbbrrbb" with our lips?
How can we aid your efforts in the most effective way?
Andre:
Well it appears that everyone has ruined the Christmas vacation of the current officers, (I am glad that I did not accept the potential offer to consider vice-chairman at ths time, but I may reconsider), and all the nasty-grams have been forwarded to the members. We have been asked to review the content by the acting chair, with a notice to re-think the actions to be considered in February.
Also you may vent on , but you will get no answer. I will forward this to the members of the committee.
Cheers,
Andre Hedrick
Linux ATA Development
I agree. Those are some really strange answers and I stopped reading the interview halfway through. I hope to read Andre's other responses once he woke up and wrote a second set of answers.
------------------
------------------
You may like my a cappella music
... not give the person interviewed 5 tin cans of penguin mints just before the interview.
...check that they didn't SCREW WILDLY the night before.
...disable the perl script that inserts RANDOM capitalizations IN the TEXT.
-- the cake is a lie
Let's try an experiment - Decide which of the following quotes are from Andre, and which are from Zippy the Pinhead:
answers below
Farther down.
Here they are!
Answers:
IN a more serious vein, it does sound like the hard drive problem either won't happen or will be easy to overcome... YOW!
Anyone happen to have links to the Microsoft system he discussed? I like to think I'm in touch with social norms but this dude really threw me some curve balls. So seriously, here's one more question for you.. What did 90% of your responses actually mean?
How we know is more important than what we know.
wonderful responses, but... the last question asked what we can do, but Andre basically said "you can vent all you want...but..." i don't think this is the case. earlier in the piece, it is mentioned that a law passed about two years ago spawned this demon crap. i strongly recommend that anyone interesting in countering some of these horrid laws PLEASE JOIN the eff right away...i wish andre had answered the last question this way. finally, the one comment about "give the dog a dooly"...the question and answer were great. anyone not sure they understand all this stuff should look that one over.
Treatment, not tyranny. End the drug war and free our American POWs.
See my user info for links.
All forms of copy protection can be defeated.
This is not like saying, "Anything is possible" - or a generalization. It is the absolute truth, and anybody who understands the inner workings of computers knows this.
The reason it is possible to defeat all copy protection, is simply because with todays computers you have access to the software you are running; you must have access to it, or it could not be on your system.
To defeat copy protection, you need only analyze how the software protects itself from illegle copying and circumvent it through the use of additional software, or modifying the original software.
Software companies can make the process as complicated as they want, the US can pass laws banning all reverse-engineering (Which is the equivilant of banning simple problem solving concepts, ie: 2x4 = 8 but legally you can't find out what 8/4 = ). Or the other way around, (Few what a paradox).
The only solution to prevent illegal copying is either to have very good public relations and rely on the honesty, and ethic of the general public in relation to your product (This is the best solution);
Or to offer your product on 'closed' systems, that is, systems where installing software and working with the contents of memory yourself - are next to impossible. Systems which are not made to be configured by the general public.
To my knowledge, these systems really don't exist; as everything today is made programmable, and the concepts are understood by everybody. You can program for game consoles, PDAs and home computers. And until the price of fabricating technology comes way, way down; there is not going to be a solution to the problem of copy protection because systems are made to have multiple uses, and this in itself gives anyone the ability to modify their software to do things it was not intended to do.
People demand these options, companies provide them, and then companies get angry that people demand total control over the products they own. It's BS.
I say, take back the right to use software however you wish; it's up to the companies to convince the users that their software is worth paying for.
I have a copy of Windoze, I use it regularly, and I refuse to pay for it because I am not convinced, not in the least, that it is worth a hundred bucks; not to me, and not to most computer users. It is closed-system software, and it sucks.
If microsoft had not cornered the software market so long ago, I would not be forced into running their crappy product for compatibility issues; and therefore I feel I have the right to use it free of charge, how else am I going to play Counterstrike...
Ace
Ever had a morning where you were not kissed and told "I love you," when the night before you SCREWED so wildly that you could not remember?
Inquiring minds want to know...