Slashdot Mirror


Document-Destroying Copy Protection System

Jeff Scarpace writes: "Defense and intelligence alums, including former Defense Secretary Frank Carlucci, are marketing a copy-protection system that works by taking control of your computer. Try to hack InTether, the creators say, and it destroys the document. Check out the article here." Strangely, this system works only with Windows. Hmmm. Interesting too is the mention of SPOCK, or Security Proof-of-Concept Keystone.

152 comments

  1. Shh, or Linux will go down the same way as DeCSS by gotan · · Score: 2

    Think about it: by allowing the user full control over his computer, it is virtually impossible to apply digital rights management mechanisms (as you lined out). Even InTether (which obviously only works because every application can tweak the Windows OS to its heart's content) cannot stop me from booting into Linux and starting to dissect it, copying any files, restoring my HD to any state I like, you name it.

    Now let's look at what happened to DeCSS: it allows you to convert CSS-protected content to a form you can watch on your Linux box. What you then do with it, view it, copy it, send it to /dev/null ... is yours to decide. But now the Media Industry wants to protect "files", simple chunks of data, from copying. This is obviously only possible by working with a crippled OS, since copying (from the network card to ram, ram to hd, hd to ram, ram to processor ...) is what a computer does all the time, even more than computing (typical operation: Load OP a, Load OP b, Mul a*b -> a, Stor OP a; 3 copies, 1 compute) but now the OS has to trace all that copying, has to ensure it doesn't happen unauthorized, suddenly buffering becomes a major headache.
    Now Microsoft tells the would-be Mediacontrollers: "Look here, we bend over your customers nicely, so you can screw them, all we want is a little share in the profit", and Linux, allowing all that free copying, suddenly becomes a copyright circumvention device.

    --
    "By the way if anyone here is in advertising or marketing... kill yourself." -- Bill Hicks
  2. Cool! by superid · · Score: 3

    WOM - Write Only Memory!

    1. Re:Cool! by pen · · Score: 1
      WOM (Jargon file)


    2. Re:Cool! by albeit+unknown · · Score: 1

      | /dev/null

    3. Re:Cool! by Porag_Spliffing · · Score: 1

      WOM = /dev/null

      I use it for ultra fast backups

      tar -cvf /dev/null /

      It runs faster without the v but the v gives you the comfort of seeing all your files backed up :)

      --
      Maybe you live in interesting times
  3. Re:simple (?) solution by kyz · · Score: 1

    You're not getting it, man. I used to be one of the programmers on InTether. It works on any kind of file, you will not be able to mount it under linux and copy anything out. And you can fit quite a bit in 300k. It's not normal application code, man....

    I hate to break the news to you, but 300k of code screams 'challenge' at me, as ZX Spectrum R-register decoders, and Rob Northen's Amiga copylocks did. They spent their entire time being 'difficult' to trace through (one-ahead instruction decryption based on the status register, hardware timings, etc), and they were cracked in days. Vast step my arse - your product may be 80x larger than an RNC copylock, that just means it'll take longer to crack. I doubt your code will require 100% accurate emulation as copylocks did. Provided the 'prize' (encoded content) is good enough, someone will endure the brainfuck of cracking it. There might even be an internet-based team to do it. It's just x86 code, there are no real secrets involved like true cryptography. DRM is the new guise of game disk copy protection, nothing more.

    Not all Slashdot readers are fresh-faced web scripters. Some people are actually 0ldsk00l.

    --
    Does my bum look big in this?
  4. Excellent! by ceswiedler · · Score: 1

    This is exactly the sort of thing we need (assuming it actually works). Like Harlan Ellison said, "Information wants to be free" is bullshit when we're talking about people's livelihoods depending on selling that information. A good program like this would allow legitimate, beneficial "fair uses" and prevent outright theft and piracy.

    You see, contrary to what the typical, self-centered pseudo-anarchist pirate-citizen believes, it is NOT beneficial for music and other forms of art to be freely stolen.

    1. Re:Excellent! by raju1kabir · · Score: 1
      You see, contrary to what the typical, self-centered pseudo-anarchist pirate-citizen believes, it is NOT beneficial for music and other forms of art to be freely stolen.

      That's all fine. Just keep your battle out of my living room. I'm not making illegal pirate CDs, and no way in hell will I be treated as if I am.

      Want to go after criminal piracy? Use the legal system. That's what it's for. And, I might add, it's a whole lot more effective than any technological measures to date (or on the horizon).

      Reverse engineering is NOT piracy. It's just maneuvering things back to a usable state after they've been flummed up by snake-oil "digital rights management" hucksters.

      --
      "Patriotism is your conviction that this country is superior to all other countries because you were born in it." -- GBS
    2. Re:Excellent! by StenD · · Score: 2
      You see, contrary to what the typical, self-centered pseudo-anarchist pirate-citizen believes, it is NOT beneficial for music and other forms of art to be freely stolen.
      Neither is it beneficial for it to be inaccessible once the technology needed to access it is obsolete. Would we be better off if the works of Shakespeare (or Bacon), Bach, Dickens and Whistler were lost because the means of accessing it were no longer manufactured? That's the world that copy protection systems will create, because once it's no longer commercially profitable to re-release a work in the latest format, it will become lost as the equipment needed to access the earlier formats breaks down and cannot be repaired or replaced. At the rate we're going, there will be no enduring classics from the 21st century, not because deserving works will not be created, but because future generations won't be able to access them.
    3. Re:Excellent! by Jeremy+Erwin · · Score: 2

      "Information wants to be free" properly refers to "freedom," not "free beer."

    4. Re:Excellent! by jimhill · · Score: 4

      Ah, but you are missing the point that anti-DMCA people like me are trying to hammer home: this software will NOT allow legitimate, beneficial fair uses. The entire driving force behind the content industry's search for the perfect digital-rights management scheme is that digital control over digital content finally delivers the holy grail of pay-per-use into their hands. All they need is one or two more laws and maybe an object lesson or two wherein Norwegian teens or magazine publishers are slapped down by the bought guns of government to make their long-deferred dream a reality.

      If I pay for a book or recording, I have an absolute and irrevocable right to do what I want to with it within my home. If I want to print a million copies and use the paper to insulate the house in winter, I have that right. Technology allows the publisher -- generally not the author, I might add -- to abridge my right. You'll pardon me if I don't get excited at that prospect.

      Caught between a rock and a hard place: between distaste for those who would trade in copyrighted material without paying the creator his due and my utter loathing for the corporate swine whose millions have subverted the very government that allegedly exists to serve the people who feed the corporate machine.

      --
      Learn to spell: nickel, missile, lose, solely, amendment, speech, kernel, probably, ridiculous, deity, hierarchy, versus
    5. Re:Excellent! by Alethi+Skaven · · Score: 1

      In principle and on paper, your theory works. However, in practice, most artists/recording studios/publishers/etc. have not had their millions of dollars of income damaged by Napster and its cousins. How many of these groups have declared bankruptcy as a result of these free trading practices?

      As far as I can tell, this product will essentially keep the order of things as it is. Many people will still simply go and buy the album/password to listen to the encrypted file, keeping the incomes of the music creators/marketers in the green. Meanwhile, the same crowd of people who currently free-trade these files will find a way to circumvent the "protection" placed on these files.

      ---------- I'm not opinionated, I'm just always right. :-)

  5. Re:What about... by ReelOddeeo · · Score: 1

    If I understand how VMWare works, that would be a problem because VMWare uses special Windows video and sound drivers that interface to the VMware virtual machine. But that can be solved as well, by emulating the video and sound hardware and running signed drivers on it.

    Use Virtual PC on a Macintosh.

    It emulates hardware, including the x86 processor. It's not fast, but it's great for certain uses. It spells out exactly what it emulates. A Dec 21041 ethernet card on IRQ 11. A Trio S3 64 video card. etc., etc. Just read the manual.

    I love the Virtual PC approach because I can install any OS on it. The OS doesn't "know". Pity it only runs on Mac. Too bad we don't have source so we can put hooks into it to save the video / audio. Of course you can still do screen capture on the Mac itself, thus capturing Virtual PC. I suppose one could develop Mac software to capture the sound at the MacOS level, thus defeating all signed and secure pathways in Windows and the Virtual PC emulated hardware.

    --

    Those who would give up liberty in exchange for security and DRM should switch to Microsoft Palladium!
  6. Re:My favorite part ... by banuaba · · Score: 1

    Yeah, it does... and the part, nearly halfway in, where he talks a bunch of sh1t about some other company and their pitiful excuse for a document securing system.


    Brant

    --


    Brant

    Argle. Bargle.
  7. Re:Linux is to Windows as Control is to Regulation by riffraff · · Score: 1

    How much longer until corporate sponsored "war squads" will descend upon copyright violators, circumventing whatever "legalities" are in their way?

    I can certainly imagine a scenario where a corporation -- RIAA or Microsoft, for example -- frustrated with the slow legal process of finding and then prosecuting copyright violators decides to covertly sponsor a Delta Force-like "tactical copyright squad" to go in and eliminate the copyright violations.

    ...

    It's craziness. Mark my words. Ten years from now. We'll be hearing stories about "corporate BlackOps". Copyright squads. This is what all those black helicopters are. They're corporate-sponsored "Information Fighters."


    Hmm...sounds kind of like Shadowrun...

  8. Re:What about... by OmegaDan · · Score: 2
    ... running it in VMWare, then suspending the virtual machine and looking in the RAM file...? Bet they didn't think of that! Muahahahaha.....

    Once again the universal Turing theorem [all Turing-complete machines are equivalent] and the makes it possible to break copy protection.

    Could this be a violation of the DMCA? :)

  9. Re:Snake oil for the 21st century! by Tackhead · · Score: 4
    There's a reason he's going to Disney and AOL, and it ain't just because they pay better.

    Note the only "military" application: Preventing casual users of turnkey systems ("Here, Sergeant. Use this machine.") from inadvertently emailing sensitive documents home.

    Note what isn't in his DOD application: Preventing highly-trained adversaries (spies) from gaining access to the data.

    Finally - the FUD factor: Multiple "snake-oil crypto" signs are here... "11 different layers", as though that makes it more secure than, say, 10 different layers? More layers mean more security, right? I mean, there are more of them! Or phrases like "white screen of death", as opposed to "if the software detects tampering, it deletes itself".

    It's a cute hack to wrap DRM in an executable and bundle it with a file for 'doze, but it's hardly worthy of the "military grade document-destroying copy protection system" kind of hype it got in the puff piece at inside.com.

    Go, Schneier, go.

  10. Re:Linux is to Windows as Control is to Regulation by bluehead · · Score: 1

    granted I am but a lowly programming student, not a real programmer, but one wise thing one of my profs keeps telling us is that "your program might do exactly what you designed it to do, but if the users can't use it, then it doesn't work !"
    not that I believe everything I hear in school, it just seems like good advice

    --
    One Bourbon
    One Scotch
    and One Beer
  11. Re:if you think about it... by Znork · · Score: 1

    And, how do you destroy that information? When the software is running under VMware with virtual disks that you can just roll back? Or under wine emulation where you disable any writes? Or any other environment, that can trick the bejeezus out of any silly application like this? How are you going to ensure your application can really write? How does the application know it can trust the system clock?

    It Will Not Work. Either you have hard encrypted material with no ability for anyone but _you_ to decrypt, or you have total control over the physical system, and those are the _only_ ways you can control what anyone does with the data.

    As soon as the customer can use it, they will be able to use it any way they want, given sufficient skill (actually, in this case you wont even need much skill to crack that kind of security).

  12. Re:screen capture by magic · · Score: 2
    Well, as to audio, I just plug a tape deck into my machine's speaker out when I want to record audio that is "protected" digitally...

    -m

  13. This is already happening by gunnerrat · · Score: 1

    The BSA is doing this to businesses. They get a warrant from a judge and show up without warning with federal marshalls.

  14. It's a bug, not a feature. by BlowCat · · Score: 2
    If it works in Windows it must be a bug in Windows. How can I trust an OS that can be taken over by a document?

    If this technique works for the "good" guys, it will work for "bad" guys as well.

    I believe that it's in the interests of Microsoft to plug this hole unless they are paid for leaving it open.

    1. Re:It's a bug, not a feature. by Wakko+Warner · · Score: 2
      How can I trust an OS that can be taken over by a document?


      The same way you should trust an OS that can be taken over by an email.


      - A.P.

      --
      * CmdrTaco is an idiot.

      --
      "Remember when the U.S. had a drug problem, and then we declared a War On Drugs, and now you can't buy drugs anymore?"
    2. Re:It's a bug, not a feature. by miket · · Score: 1

      They get it at the system level by using a driver. Drivers can do whatever they want on the machine. The document does nothing to take over the computer. The InTether driver sits between the application and the OS and can therefore act as a gatekeeper.

      --
      Imagination is more important than knowledge. --Albert Einstein
  15. Why it's Windows only? by Stephen · · Score: 3
    One relatively mild step, Friedman explains, is to force you to reboot your computer. Since the fastest reboot is about six minutes [...] Forcing a six-minute pause between each attack "shifts the advantage from the offense to the defense," Friedman maintains.
    Presumably requiring a six minute reboot cycle precludes developing a Linux or Mac version.
    --
    11.001001000011111101101010100010001000010110100011000010001101001100010011
    1. Re:Why it's Windows only? by sulli · · Score: 4
      Presumably requiring a six minute reboot cycle precludes developing a Linux or Mac version.

      Correct. A Mac version would require a twelve minute reboot.

      --

      sulli
      RTFJ.
  16. Why not corrupt this broker? by Improv · · Score: 1

    Make a false version of it for documents to trust,
    and have it happily decrypt and not restrict?
    Probably wouldn't be too hard..

    --
    For every problem, there is at least one solution that is simple, neat, and wrong.
  17. Re:simple (?) solution by tietokone-olmi · · Score: 1

    So, you're saying that InTether cannot be traced using a PC emulator? That a piece of software (in this case, "driver-type code", which isn't really any different from normal application programs apart from running on a different ring) can decrypt something pseudo-automatically and not have the decryption key (or algorithm state, which is pretty much the same thing) somewhere in RAM where an interested party can trivially snarf it out?

    Listen, "dude", there have been countless attempts at binary program security (disassembly thwarting), of which exactly 0 have worked. Remember, code == data, software == hardware.

    Oh yeah, your semantic trickery (that "it's not security, it's content control" bit there) is a fucking smokescreen. Get real.

  18. maybe I'm an idiot, but by asop · · Score: 1

    .. I could have sworn that this Tech has been available for a long time.. Now granted most of them work off of a series of "Panic Keys" that usually have to be typed in locally, I'm SURE if you look hard enough you can find something that does the exact same thing, probably for cheaper, and usually you can SPECIFY what will be DEL'd... of course it's really a moot point, 'cause even if you Torch the disks the data is on, with enough time, money, and expertise, it can be reconstructed.... well short of a format, but who would take the obvious route. Heck, to all the coders out there, MAKE A PROG THAT DOES THIS!!! Open source, just outa spite

    --
    BAH! Wave of Paw
  19. Re:yeah, I'm sure this works... by BradleyUffner · · Score: 2

    easy holes...
    F8 at startup
    bootdisk
    read bits directly from the HD
    need I go on?
    =\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\ =\

  20. Bruce is right... by benwb · · Score: 1

    They've put some fancy bells and whistles in here, but this is really no different than css. As soon as you "tether" a document and distribute it, you're handing the content to someone else. The various defenses they have put in (white screen, document destruction, system reboots) are trivial to work around- just hack the content on a non-windows box, or run it under an NT account that doesn't have the right to shutdown the system.

  21. Re:Any idea how this works? by tietokone-olmi · · Score: 1

    But what you're describing sounds suspiciously much like symmetric encryption, with some trickery to make sure that a certain program (who knows the token, aka key) can only access the data once before it's overwritten.

    This means that at some point the computer that decrypts the file (i.e. the user's computer) knows what the required decryption key is. Which in turn means that if the main program of the content control system (wherever it may be) is analyzed to find out where the "last tokens" are stored and how (which gives us a decryption key to the token database at the very least), the system will become breakable.

    The main problem of this type of systems is, of course, that you really really can't expect to keep a file secret when you give both the decryption key (i.e. the first token) and the data to the user.

  22. Linux is to Windows as Control is to Regulation by Bonker · · Score: 5

    The more and more content providers, be they government, entertainment or computer industry want to control information, the more and more Microsoft complies, probably more than anything to get on the government's good side. This is a disturbing trend, but sadly, not a surprising one.

    Since this system and others like it are by definition incompatible with open-source software like Linux, Linux has become the de facto standard if you want to be sure that you control your own computer and the information on it. The benefits are plain to see. You can 'hack' any document you choose and know the format for, be it a PDF (as mentioned in previous story) or something that is marked as secret, or something like the format listed here.

    Linux gives users the ability to control their information.

    Turn that around and you can see that Microsoft is building all sorts of hooks into newer versions of Windows that allow companies to try to enforce copy control and try to preserve their 'intellectual property rights'.

    Windows gives companies the ability to control their information.

    If it were this simple, it's obvious what operating system that the masses would prefer if given this choice. Unfortunately, Linux developers have shown again and again that they have no people skills, and therefore no ability to make their software usable by Granny and Uncle Jimbo. The vast majority of Linux software has had no usability testing whatsoever. Compare this to Microsoft Windows and MacOS, for whom usability testing with non-technical people is a major, albeit understated part of software development.

    The onus here is on Linux developers and distributors. The software you work with and produce provides the ability to fight for freedom of information. Unfortunately, these abilities go underused because the vast majority of computer users will never understand anything other than a simple point-and-click interface. Because Linux is an OS for hackers by hackers, the gains in information freedom it engenders will never be shared by the non-technically inclined.

    Making Linux *easier* to use may dumb down the interface, but it means more freedom for all concerned, and therefore, a sweeter victory in the information wars.

    --
    The next Slashdot story will be ready soon, but subscribers can beat the rush and slashdot the links early!
    1. Re:Linux is to Windows as Control is to Regulation by Malcontent · · Score: 2

      MS is already a religion. Ever talk to an ms employee?

      --

      War is necrophilia.

    2. Re:Linux is to Windows as Control is to Regulation by bluehead · · Score: 1

      why, oh why, didn't i preview :-(

      --
      One Bourbon
      One Scotch
      and One Beer
    3. Re:Linux is to Windows as Control is to Regulation by remande · · Score: 2

      I think that this was User Friendly from last month!

      --

      --The basis of all love is respect

    4. Re:Linux is to Windows as Control is to Regulation by remande · · Score: 2
      Hey, you've got it!

      Here's the plan.

      First, we redefine Bill Gates to be God. I'm sure he'll like that, if only to keep Larry Ellison from taking the title.

      If Bill Gates is God, then Microsoft is his faith, his personality cult. From there, we can use the First Amendment freedom of religion to keep M$ and U$A from getting into cahoots!

      Yow! Am I CONSING yet?!?

      --

      --The basis of all love is respect

    5. Re:Linux is to Windows as Control is to Regulation by StoryMan · · Score: 2

      Pretty soon instead of fretting over the "separation of church and state" we'll be worrying -- and debating amendments -- that talk about the separation of "Microsoft and state."

      How much longer until corporate sponsored "war squads" will descend upon copyright violators, circumventing whatever "legalities" are in their way?

      I can certainly imagine a scenario where a corporation -- RIAA or Microsoft, for example -- frustrated with the slow legal process of finding and then prosecuting copyright violators decides to covertly sponsor a Delta Force-like "tactical copyright squad" to go in and eliminate the copyright violations.

      I started to think about this a few stories back when folks were talking about the possibility of placing OpenNap servers on SeaLand. You *know* that this would piss off the RIAA to no end -- just as the lengthy legal process with Napster is probably causing the RIAA execs considerable pain and suffering -- and I can certainly imagine a scenario where the RIAA (covertly) would sponsor, say, a tactical copyright squad to go in and destroy the OpenNap servers on SeaLand.

      It seems to me that this isn't that far fetched or "conspiratorial" -- I mean, these tactical copyright squads would have training and equipment backed with the millions and millions of dollars of the corporations. Sort of the BlackOps of today's global corporations. And -- it wouldn't surprise me one bit -- if governments (America, British, Canadian, Australian, etc. etc.) would assist with sponsoring the ops.

      They would do in 15 minutes what would take 8-12 months in an American courtroom.

      I mean, come on, that's what all this is leading to. For chrissake, self-destructing MP3 files? Give me a fucking break. I would never purchase a file that contained the implied threat of "self destructing" if it falls in the wrong hands.

      I got 2000+ books at home. Books I can Xerox, read on a train, read on an airplane. I can carry it around in a gym bag and not have to worry about it "blowing up" if it's viewed on the wrong computer or "tampered with." What, I decide to scribble in the margin of volume 2 of Proust's "Remembrance of Things Past" and then have to contend with the reality that because I "tampered with the text" I must then relinquish ownership and watch it self-destruct?

      It's craziness. Mark my words. Ten years from now. We'll be hearing stories about "corporate BlackOps". Copyright squads. This is what all those black helicopters are. They're corporate-sponsored "Information Fighters."

      The danger isn't that the Taleban is blowing up the Buddhas. The danger isn't the guns in our schools or the rage on our roadways.

      The danger is the corporations. They've got this fucked up notion that what they produce is more important than anything else -- more important than even the people who consume their productions.

    6. Re:Linux is to Windows as Control is to Regulation by BlowCat · · Score: 1
      Unfortunately, Linux developers have shown again and again that they have no people skills
      I believe that usability testing is performed not by developers.

    7. Re:Linux is to Windows as Control is to Regulation by Malcontent · · Score: 2

      Much worse trust me. These guys get some serious brainwashing on the campus. They never leave the place for chrissake. At least the open source people are scattered across the globe and are living in the world.

      --

      War is necrophilia.

    8. Re:Linux is to Windows as Control is to Regulation by Genom · · Score: 2

      Making Linux *easier* to use may dumb down the interface, but it means more freedom for all concerned, and therefore, a sweeter victory in the information wars.

      That's one beauty of *nix as a platform - the interface can be controlled. Want a console-less desktop with access only to Netscape (web, email, newsgroups), an ICQ/AIM client (jabber, gaim, licq, etc...) and an mp3 player (xmms, etc...), all in large type for your grandma to use? You can do that.

      Then, you sit down at the same computer, log in, and get your Enlightenment/Gnome/KDE/whatever desktop, complete with YOUR preferences, and full access to the system.

      Your little brother wants to chat online with his pals from school? No problem - he logs in with his account, and there's his own desktop, with access only to the programs YOU want him to access. No fear of him trashing the system with a few mouseclicks. He only has access to his own stuff.

      Sure, there's stuff for Windows/Mac to do much the same thing, but *nix has it from the ground up. =)

  23. Why? by cavemanf16 · · Score: 1
    What I want to know, is why did they include that last paragraph at the end about the 'dark side' of every silver lining? They proceed to explain that hackers could use this technology to similarly equip their own correspondence with InTether making that unbreakable. Oh yeah! I forgot, the all-knowing US government developed this thing called Carnivore which can troll all correspondence on the Net. Well gee, this guy worked for the government. I'll bet they just built some Carnivore backdoors right into this InTether crap and are just trying to entice hackers to use it to make it even easier to justify monitoring *everyone's* email and file transmissions. Sounds good to me, Joe Schmoe numb-nuts consumer!

    Echelon has now added me to their database of political dissidents for using the words: Carnivore, Net, hacker and US in this posting. Resistance is futile!

  24. um, win2k? by elegant7x · · Score: 1

    The prime reason this will fail utterly is that Windows was not designed as a multiuser system.

    That may be true for Windows 95 and 98, but not for NT or 2000, it's a true multiuser system, but almost every home user uses the 'root' account.

    I still don't think it would be possible to make this totally secure, though.

    Rate me on Picture-rate.com

    --

    "and dear god does this website suck now." -- CmdrTaco
  25. Copy Protection by pallex · · Score: 1

    Same idea. It'll get cracked too. How wouldn't it? What will this lot do that all the other software writers of the last 20 odd years overlooked?
    Unless it's a hardware/software solution. Or I guess, seeing as it's a client-server thing, you could only display little bits of info at a time, which were securely removed before downloading the next bit. If you can't cut and paste bits, or do screen grabs, or copy the incoming data via the modem slots, then I guess you're screwed!

    Loved the 'post-napster' quote though! Is that anything like 'post-beck' or 'intelligent dance' then?

  26. Re:Usability testing - Proving my point for me... by Ig0r · · Score: 2

    If you feel so strongly that a certain program is un-userfriendly, then WRITE THEM ABOUT IT!

    How is somebody supposed to know that other people don't like their design if those magical 'other people' don't tell them about it?

    --
    Soma: because a gramme is better than a damn.
  27. Zero Knowledge solution. by Martin+S. · · Score: 2

    This is a little bit more serious than my previous post...

    This cannot be right (+5 Insightful), for what is complete B*** S****.

    I can think of, at least, two or three workarounds for this:

    Just because you can think of something, does not mean it will work, if you'd really cracked Zero Knowledge protocols. Well; you'd better prepare to be world famous and possibly dead, because you've got the combined might of the KGB, MI5 and CIA, Mossad, indeed every intelligence agency in the world chasing you around the globe.

    In windows 9x, restart under "DOS command line only" mode, then use an hex editor after copying the .EXE and the protected file to another computer. You can also boot from a FreeDOS or Caldera DOS diskette to do this.

    Game Over:

    The original data is now useless, essentially 'corrupt', all because you thought you knew what you were doing, and did not. You've just copied some useless encrypted data. Well done.

    Using WinICE under Windows, while executing the .EXE to "read" a file would certainly yield interesting results...

    Interesting perhaps, but useless, because the whole data set and token (key) would vary every time. So all you've got is more encrypted data. Well done.

    Cracking the encryption scheme is, of course, left as an exercise for the reader. But, come on, how much encryption and "security layers" can you hide in a 300 KB windows executable ?

    Left to the reader because you've got absolutely no idea what you're writing about. This is about zero knowledge protocols, something you clearly know the about the same about. All you've done, is copy encrypted data multiple times, and got different data each time.

    Estimated time to crack: anywhere from 24 hours to 1 month.

    Guessing again. Because this would depend on the underlying hashing algorithm. Not the Zero knowledge protocol used to access it.

    Repeat after me: security through obscurity does not work.

    True, but this is not. I suggest you do some background reading before you jump off in the deep end again.

    Repeat after me: security through ego does not work either. Just because you think something is secure, or insecure does not make it so.

    End of transmission.

    I hope so.

    1. Re:Zero Knowledge solution. by overshoot · · Score: 2
      Martin S. sneered
      In windows 9x, restart under "DOS command line only" mode, then use an hex editor after copying the .EXE and the protected file to another computer. You can also boot from a FreeDOS or Caldera DOS diskette to do this.

      Game Over:

      The original data is now useless, essentially 'corrupt', all because you thought you knew what you were doing, and did not. You've just copied some useless encrypted data. Well done.

      That's some pretty impressive code, that can operate to corrupt the filesystem even when it's just being passively read from another operating system. How does Zero Knowledge gain such power over flux transitions on write-protected media?

      In general, I'm pretty impressed by any scheme that ships the key with the message and expects the data to remain safe from prying eyes. Other issues, such as this requiring that your documents all reside in a common file with write and execute privileges, and that document recipients be able to take over low-level system functions, are obvious.
      --
      Lacking <sarcasm> tags, /. substitutes moderation as "Troll."
    2. Re:Zero Knowledge solution. by Martin+Spamer · · Score: 1

      That's some pretty impressive code, that can operate to corrupt the filesystem even when it's just being passively read from another operating system. How does Zero Knowledge gain such power over flux transitions on write-protected media?

      Quite simple really, the data is already encrypted; I suggest you do some background reading on Zero Knowledge protocols.

  28. Re:Any idea how this works? by rarose · · Score: 1

    My guess:

    Piece 1) They have an installable filesystem that uses a data file stored within the normal Windows filesystem. This installable filesystem will only open files when piece number 2 says it's OK.

    Piece 2) A series of hooks into the GUI that intercepts Window Messages by hooking the system's event queue. If a clipboard message, print message, etc. comes through destined for the window queue corresponding to a "protected document", it's discarded.

    Piece 3) The "integrity checker" which is probably pinging the other modules to make sure they're still alive. (Hey, that's got to be good for system performance!)

    --
    --Rob
  29. Re:Self-destructing documents by invdaic · · Score: 1

    Every day we get closer and closer to the Inspector Gadget cartoon. The Chief better watch out.

    --

    "If IE is 'just a web browser' then emacs is 'just a text editor'."

  30. Re:Six Minutes? by rswinford · · Score: 1

    Sorta funny, I think the point is for most users the restart time is 6 minutes. My restart time is nowhere near that, funny too, that I hardly ever have to restart my Windows machine. Also, I don't think I have ever seen a machine with that kind of restart time. I think that rumors of how *much* Windows sucks have been greatly exaggerated.

  31. Re:I Wonder... by invdaic · · Score: 1

    "Deltree /y C:\Music" would be more effective I think, since most people probably have some subdirectories to organize their music.

    --

    "If IE is 'just a web browser' then emacs is 'just a text editor'."

  32. Re:A little extreme, don't you think? by david614 · · Score: 2

    Imagine the combination of this technology with the "electronic text books" profiled on slashdot a while back. Those medical, dental, and other professional schools -- and the companies that supply them -- who have decided to sell textbooks to students on digital media would be able to ensure that students had to regularly "refresh" their books through contact with the providers' servers.

    Equally, digital media with a "stale date/stale - {defined condition}" feature would ensure against people selling their old books once they graduated.

    I can see why the publishing/mpaa/riaa/(fill in your favorite intellectual property monopolist) communities would love this!

    I am glad that the model referenced here is so obviously vulnerable to userland/client-side hacking. Otherwise this would be an information-freedom nightmare.

    D

    --
    ELITISM: It's always lonely at the top. Uninvited company is rarely welcome.
  33. Re:A little extreme, don't you think? by BlowCat · · Score: 1
    The cat will also stop banging random keys within a few years.

    Worry about your parrot on your keyboard.

  34. if you think about it... by epicurus · · Score: 1

    if you think about it, this is (one of?) the only way to keep information secure -- don't allow it to be copied, and if somebody starts screwing around with it, destroy it...also, destroying after a set time period is another way to keep the information from getting around to too many places..

    1. Re:if you think about it... by _14k4 · · Score: 1

      But, define "screwing around".. It's almost as if documents can / could / will be destroyed for reasons false?

  35. Re:Any idea how this works? by sporktoast · · Score: 1

    I'm more concerned with this becoming part of a virus/DOS attack.

    Write up a VBScript email attachment that trips the InTether mechanism for all the protected files on the recipient's computer. Instantly all of the protected movies, songs, eBooks, legitimate or not, get deleted.

    Or, better yet, fake it into thinking that an InTether document is open, and (according to the article) the recipient won't be able to cut/copy/paste/print anything else on the computer. We had to destroy the village to save it.

    --
    In a related story, the IRS has recently ruled that the cost of Windows upgrades can NOT be deducted as a gambling loss.
  36. Re:Snake oil for the 21st century! by Tackhead · · Score: 1

    Roastbeef. Yep, that's me :) I still read the IO board every week or so... just not too many threads where I can contribute useful info anymore.

  37. Enemy of the State by Red+Moose · · Score: 1

    I've already got my computers and whole apartment to blow up at a moment's notice already, goddamit. These people are amateurs. People call me "Bril".

    --

    Acting stupid isn't much fun when there's someone around who knows better

  38. Re:Reading the Document by Anonymous+C0vvvvv4rd · · Score: 1

    Well... it can't be encrypted without some kind of key exchange system. Either just telling someone a password that they need to type in, or a PKI system (which I doubt they have).

    Otherwise, they would have to use the same key (or one of a finite number - that would have to be quite small if they want to be able to open the file in any reasonable amount of time) for every file. And that's a cipher, which is infinitely weaker than real encryption.

  39. Pointless by clare-ents · · Score: 2

    People never learn,

    Yes, it's probably difficult to hack, yes you can force updates to the software, no it won't retroactively work.

    If the current software version is 3.5, 3.4 has been successfully hacked then all files created with a versions = 3.4 will all be hackable on a machine that has not had 3.5 installed yet.

    Anyone know if VMware will let you round this - Presumably the document could be read straight out of memory of the virtual machine.

    Would the following attack work? Load up word + document on a low memory machine, minimize, load a huge application. Power off machine without shutdown, read data from swapfile off disk.

    A trojaned copy of the application that duplicates the data to disk?

    However, I suspect version incompatibilities will kill this, I suspect each service pack you download will automagically render you unable to read protected documents until the protected software is upgraded to match. Expect an upgrade an hour.

    --
    Only two things are infinite, the universe and human stupidity, and I'm not sure about the former. (Einstein)
  40. Self-destructing documents by micromoog · · Score: 2
    This document will self destruct in 5 seconds.

    4.

    3.

    2.

    Have a nice day!

    1.

    boooooom!

  41. simple (?) solution by Noryungi · · Score: 5

    This is a little bit more serious than my previous post...

    I can think of, at least, two or three workarounds for this:

    In windows 9x, restart under "DOS command line only" mode, then use an hex editor after copying the .EXE and the protected file to another computer. You can also boot from a FreeDOS or Caldera DOS diskette to do this.

    Using WinICE under Windows, while executing the .EXE to "read" a file would certainly yield interesting results...

    Under Linux, mount the Windows disk with appropriate rights and use Linux equivalents.

    Cracking the encryption scheme is, of course, left as an exercise for the reader. But, come on, how much encryption and "security layers" can you hide in a 300 KB windows executable ?

    Additional brownie points will be given to the reader who determines which compiler and programming language have been used to create this little thing. (Hint: look at the end of the EXE file for informative compiler strings).

    Estimated time to crack: anywhere from 24 hours to 1 month.

    Repeat after me: security through obscurity does not work. End of transmission.

    --
    The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
    1. Re:simple (?) solution by G00F · · Score: 1

      300k sounds like the min size for all vbasic .exe programs.

      It's big enough to have muscle, but in this day and age 300k is nothing.

      --
      The spirit of resistance to government is so valuable on certain occasions that I wish it to be always kept alive
    2. Re:simple (?) solution by andy@petdance.com · · Score: 1
      Really, the whole thing is an exercise left to the reader. The absurdity of it all blows my mind. G'wan, try to make me stop sitting at an adjacent machine retyping the thing.

      If geek kids can sit and type up program listings from Creative Computing, then I'm sure that the Bad Men out there can do the same.

      --

    3. Re:simple (?) solution by BigMeanBear · · Score: 3

      You're not getting it, man. I used to be one of the programmers on InTether. It works on any kind of file, you will not be able to mount it under Linux and copy anything out. And you can fit quite a bit in 300k. It's not normal application code, man.... didn't you even read the article? It's all driver-type code. And one more thing, you say that security through obscurity does not work--InTether isn't a security application, it's a content/document control application. At this point, there is no perfect solution for content control, but InTether is a vast step beyond anything else that exists today. None of those methods you described would even faze InTether. I should know, I was there cracking and fixing it on a regular basis.

      --
      += E
    4. Re:simple (?) solution by 1337d00d · · Score: 1

      But, come on, how much encryption and "security layers" can you hide in a 300 KB windows executable ?

      You have no idea how much encryption is packed into this 300k. You assume this is being made with conventional stuff, like C++, where you have 'lines of code', but that's not true. This is all low level hardware calls; raw assembler; that stuff compiles into a tiny binary. The reason they have it only for Windows is that it actually interfaces directly with the hard drive, and has to write the correct FAT32 headers. Plus, the headers act as a token in ball-token encryption, so that both the headers and the file are completely different based on the microsecond it is created. By using the modification time as a force, the ball is encrypted and the decryption method for the ball is encrypted in the header, using mutually exclusive keys. And how do you get those keys? That's right, the hard disk sector! The bytes of the ball (file data, not headers) will be xored with the header, and the resulting binary number is converted and used as the position on the hard disk to write the file. Now, this gets back to why they only use Windows: This requires the filesystem to be rearranged. Now do you see the beauty in this? If you open the file, you don't get raw HD information. If you hex edit the file, and pull up the raw information, you still won't get the headers. Even if you do a raw dump of the hard drive, you won't be able to change the file without a friggn supercomputer, because the 4096bit encryption keys that take up most of the space in the binary are run in random patterns over the ball and token after they are written to the hard drive, and then the final key is stored on top of it along the adjoining sector, which another OS would read as interference and discard (fsck does this quite nicely, making the file impossible to open.) As I said, the only way to actually get around this is to do a raw hard disk dump, and even then there are layers and layers of device driver level encryption blocking your path. Good luck.

    5. Re:simple (?) solution by pen · · Score: 1
      I agree with most of your post, except for this part:

      But, come on, how much encryption and "security layers" can you hide in a 300 KB windows executable ?

      You can fit a lot of encryption into 300KB of code, especially if the executable is subsequently compressed. Most encryption algorithms are a few hundred lines of code. That is a really silly statement to make.

      --

    6. Re:simple (?) solution by e_lehman · · Score: 2

      Interesting post. I'm sorry I don't have moderator points to bump it up!

      Is there a conversation between the Packager and the Receiver whenever a file is transferred, or does the Packager just send an ordinary email and that's it?

      If there is no fancy protocol, I think I'd just want to extract a piece of Receiver code sufficient to decrypt a newly-received file and put it in my own wrapper. I'd throw out all other Infraworks code and never let it screw with my filesystem. What would stop this attack?

      I'm reasonably up on cryptography, but I don't know about "ball-token encryption". Could you point me to a reference?

    7. Re:simple (?) solution by 1337d00d · · Score: 1
      does the Packager just send an ordinary email and that's it?

      The packager encrypts a document using ball-tether (I'll get to that later) and then sends it to the receiver, using that receiver's specific series of 4096bit keys. Thus, it is a major pain in the neck to decrypt the transmission, and even if you did you would have no idea what to do with it, since it has to be decrypted in a certain order, and the 'layers' that are peeled off each time a key is used modify the next key. That way, even if you take the binary and manage to find the keys in it (a damn hard task, since most of the keys double as the assembler instructions (If you don't grok low-level stuff, you can ignore that)) you still wouldn't know how to apply them. Each key doubles as the method in which it can be used to decrypt itself. Example:
      Key: 001 010 100 010 011 110 100 001 110
      001 = ADD
      010 = MUL
      110 = SUB
      Thus, ADD 2 4 MUL 3 SUB 4 ADD 6 = 2+4*3-4+6 = 20
      That was a way oversimplified example, but you get the point. This is all done at the assembler or below level: Instructions double as numerics. OK. The transmission is secure, AND you can't just 'extract' the code from the 300k binary. It's just friggn impossible to extract the code, because everything is interdependent in it. The security is built into the very keys and all that. Sorry if that was long winded, but so many people are just suggesting 'well, just do it backwards! yeah!' that I had to put up a coherent explanation.

      Could you point me to a reference?

      Sorry about that. I forgot that I'm just discussing this with the people on /. Ball-token was a kind of inside joke, because one of the programmers who I know that was working on this liked to play tether-ball, and the product is InTether, so he was brainstorming/playing tetherball when he came up with the way to make this work.
      First of all, the first part of ball-token encryption is the ball. I explained part of this above: The ball has shells, and each of these shells can be opened with a key, and as you open the shells the ball changes form. This he thought up after a particularly violent swing that resulted in the ball flying off and breaking, the inner core rolling out of the soft outer shell. (note this was an old tetherball in need of some repair). This makes it an order of magnitude harder to crack the encryption, and using changing 4096bit keys with intercoded instructions makes it nearly impossible for even the most determined hacker.
      The other part of this is the token. The token is what prevents you from just dropping to Linux, or (what the hypothetical worst case scenario for us) a modified version of Windows specifically designed to hack our program. The token represents a checksum for executed instructions. I am not going to go into how the checksum is generated, but it basically involves lots and lots of very low level driver code. (Some of it involves sending invalid signals and checking error codes returned, but there is much much more. If you block it, you simply can't decrypt the document.) The 'token' is the checksum from a completed set of commands. Once the set of commands on one key is executed, the checksum is used to find which key to use next and how to use it. This verifies that the commands are executed properly. The token concept arose from watching the ball go around the pole: To finally hit the top, it had to complete several orbits.
    8. Re:simple (?) solution by pen · · Score: 1
      12/20/1999 06:53 970,752 PGP.exe

      This is version 6.5.2. This text is here to get rid of that stupid and useless lameness filter.

      --

  42. I'm sure it wont take long for a hack by fungus · · Score: 1

    altavista.box.sk will remove that protection

  43. this is scary... by wunderhorn1 · · Score: 3
    But is it scary enough that the general public could be convinced not to buy content that has been encrypted using this software?

    I'll assume it to be self-evident that this kind of copy-protection is Bad and Wrong. Other people can start that debate.

    We need to get some bad publicity going about this kind of technology:
    *What if the RIAA could destroy your entire CD collection by sending the correct message to your computer?
    *What if Windows crashing could destroy every book you own?
    *What if the MPAA could render your home-video collection useless?

    If we're talking about digital copies of the above media with this kind of copy protection, *it could happen*
    But what if no one bought the songs or movies or books encoded with this technology? Hmm?
    Let's not let them take away our rights as we sleep!

    --
    Karma: Bored. (Thinking about resurrecting the "Anyone else is an imposter" joke.)
    1. Re:this is scary... by Slow-rs · · Score: 1

      What scares me most is that if someone doesn't like me, he/she could hack my computer and try to make "something funny" with the "decrypter". All my important files will be deleted! It will be simpler than trying to find the important files and delete them manually...

  44. Re:Usability testing - Proving my point for me... by Malcontent · · Score: 2

    " Cry me a fucking river, you pansy"

    A pansy is an idiot luser who cannot be bothered to learn how to use a program.
    A pansy is a whiner who complains that the software someone worked his ass off to produce and then gave away sucks.
    A pansy is someone who would rather bitch on slashdot than get off his butt and write documentation or test the freaking thing in the first place.

    Why are you waiting for someone else to do the testing? Is it too much to ask for for your pansy ass?

    Screw mom and pop, they are idiots, they will eat whatever junk some corporation spoonfeeds them. They have zero awareness of the world around them, they don't give a flying donut about anything except their favorite TV show. The corps love them because they are so easily duped into paying money for useless junk whether that's nose hair clippers or buggy software.

    Let them lose their freedom they will enjoy having less choices, they will revel in knowledge that big brother is watching out for them. They will listen to talk radio and nod their heads mindlessly while consuming whatever junk is being peddled there.

    The world needs stupid people and thank god there is an endless supply.

    --

    War is necrophilia.

  45. 300K is huge! by RatFink100 · · Score: 1

    But, come on, how much encryption and "security layers" can you hide in a 300 KB windows executable ?

    You're obviously quite young. Otherwise you'd remember the 'Home Computers' of the 1980's. Typically an 8k or 16k ROM would hold an entire OS and programming language.

    Of course that was when an OS was an OS and not an OS, a GUI, various applications, sandwich toaster, cuddly toy...

    1. Re:300K is huge! by Stelmsind · · Score: 1

      You're obviously quite young. Otherwise you'd remember the 'Home Computers' of the 1980's. Typically an 8k or 16k ROM would hold an entire OS and programming language.

      Of course that was when an OS was an OS and not an OS, a GUI, various applications, sandwich toaster, cuddly toy...

      Damn straight 300k is a lot. The Amiga 2000 fitted its whole multi-tasking OS into its 512 ROM. And that includes the graphics and GUI subsystems. The earlier Amiga 1000's had only a 256K ROM - I've never used one, but IIRC they had to have more OS code loaded off disk.

    2. Re:300K is huge! by jms · · Score: 2

      Or going back further, RT/11 for the PDP/11 series fit the entire operating system, including drivers, multitasking, memory management, etc, in 4K.

      300K of tight assembler can contain an enormous amount of functionality.

  46. Re:Six Minutes? by Lumpy · · Score: 1

    That's because it's NT based, and NT takes 6 to 8 minutes for reboot.
    (and that's on a P-III 800 with 256 meg)

    --
    Do not look at laser with remaining good eye.
  47. Re:Snake oil for the 21st century! by Art+Tatum · · Score: 1
    Finally - the FUD factor: Multiple "snake-oil crypto" signs are here... "11 different layers", as though that makes it more secure than, say, 10 different layers?

    Kinda like, "The Colonel's eleven herbs and spices."

    It's a cute hack to wrap DRM in an executable and bundle it with a file for 'doze, but it's hardly worthy of the "military grade document-destroying copy protection system" kind of hype it got in the puff piece at inside.com.

    Yeah. I talked to a guy who worked for a while at the Navy. He said their machines had the capability to melt the hard drives with a special key combo + password. Now *that* is a document-destroying system!

  48. Re:Six Minutes? by Tassach · · Score: 2
    They could beat this workaround by taking an MD5 or SHA hash of all the executables and storing them in a separate cryptographically signed file, kinda like the way Tripwire works. If the hashes don't check, the program refuses to run.

    Since the checksum file is signed at the factory, the private key would not need to be distributed - only the public key is needed to verify the signature. Any attempt to modify the executables, dll, or checksum file (including an attempt to NOOP out the checksum validation routine) would render the viewer inoperative. It would be very difficult to beat this sort of system.

    The best attack against this system is to run it on a virtual machine like VMWare. The client operating system has no way of knowing that it's NOT in full control of the underlying hardware. Everything done in the virtual machine can be trapped and manipulated by the host OS.

    Of course the best solution is to vote with your wallet and refuse to buy anything protected via this mechanism. Write a short letter to the offending company saying "I'd love to buy X from you, but I will not do so as long as you use this copy-protection scheme." If they get enough letters like that they will get the clue.

    --
    Why is it that the proponents of "one nation under God" are so eager to get rid of "liberty and justice for all"?
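
The check described in the comment above (a hash manifest signed at the factory and verified with only the public key), as an added example that is not part of the original comment and is not InTether's code. The comment names no signature scheme, so a Lamport one-time signature is swapped in to keep the sketch on the Python standard library; the file names and contents are constructed.

```python
import hashlib
import json
import secrets


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


# --- Lamport one-time signature (assumption: stands in for the vendor's scheme) ---

def lamport_keygen():
    """Return (private_key, public_key); the private key stays at the factory."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(sha256(a), sha256(b)) for a, b in sk]
    return sk, pk


def _digest_bits(message: bytes):
    d = sha256(message)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]


def lamport_sign(sk, message: bytes):
    """Reveal one secret per digest bit. A key pair must sign only one message."""
    return [sk[i][bit] for i, bit in enumerate(_digest_bits(message))]


def lamport_verify(pk, message: bytes, signature) -> bool:
    if len(signature) != 256:
        return False
    return all(sha256(signature[i]) == pk[i][bit]
               for i, bit in enumerate(_digest_bits(message)))


# --- Tripwire-style manifest of executable hashes ---

def build_manifest(files: dict) -> bytes:
    """Canonical JSON mapping file name -> SHA-256 hex digest."""
    entries = {name: hashlib.sha256(data).hexdigest() for name, data in files.items()}
    return json.dumps(entries, sort_keys=True, separators=(",", ":")).encode()


def check_install(files: dict, manifest: bytes, signature, pk) -> list:
    """Return a sorted list of problems; an empty list means the install verifies.

    The signature is checked before the manifest is parsed, so an unsigned
    manifest is never trusted for anything.
    """
    if not lamport_verify(pk, manifest, signature):
        return ["manifest signature invalid"]
    expected = json.loads(manifest)
    problems = []
    for name, digest in expected.items():
        if name not in files:
            problems.append(f"missing: {name}")
        elif hashlib.sha256(files[name]).hexdigest() != digest:
            problems.append(f"modified: {name}")
    problems.extend(f"unexpected: {name}" for name in files if name not in expected)
    return sorted(problems)


if __name__ == "__main__":
    # Constructed stand-ins for the shipped binaries (hypothetical names).
    shipped = {"viewer.exe": b"MZ constructed viewer image",
               "render.dll": b"MZ constructed library image"}
    sk, pk = lamport_keygen()                  # factory side
    manifest = build_manifest(shipped)
    sig = lamport_sign(sk, manifest)

    print("clean install:", check_install(shipped, manifest, sig, pk))

    patched = dict(shipped)
    patched["viewer.exe"] = b"MZ constructed viewer image, check removed"
    print("patched exe:", check_install(patched, manifest, sig, pk))

    # Recomputing the manifest without the private key breaks the signature.
    print("patched exe + new manifest:",
          check_install(patched, build_manifest(patched), sig, pk))
```

Verification runs on the user's machine, so the result is only meaningful while the verifying code and the embedded public key are themselves unmodified.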
  49. Why copy the virtual disk? by proffi · · Score: 1

    As far as I know, there are virtual disks that restore to a certain state after restart....

    The system starts at the same state again and again...

    Speaking of vmware: I could grab those satellite photos from vmware, just grabbing the X window, couldn't I?

    Short: As usual, security by obscurity is crap and only hinders an average user

  50. Re:Any idea how this works? by ucblockhead · · Score: 2

    Probably easier would be to just ignore the encryption and work at the bigger weak point, which is the interface between this software and the generic user applications. Something in this software, at some level, has to send the information in plain text to outlook so that the user can view it. (Or very worst case, it draws it as a bitmap to a window.) In either case, it is theoretically possible to slip something in there that grabs the data. The obvious way is to figure out what their dll is named, create one with an identical interface, copy theirs to another name and slip yours in its place, chaining to their original one. Then, just look at the data as it streams by.

    How much they are checking for this (and exactly how) are the interesting questions.

    --
    The cake is a pie
  51. Re:Any idea how this works? by Martin+S. · · Score: 2

    Any Windows-heads

    Cipherpunk actually:)

    out there have an idea how this might be implemented?

    There are several possibilities, based around what are called zero knowledge protocols in cryptography.

    Essentially the ciphertext becomes stateful, it's transformed each time it's accessed, the transformation process produces a new token each time the system is used/accessed and the new token must be used to access the data, the next time.

    The correct token must be passed into the system with the change request and the new token is returned. Any data that is accessed is actually removed from the data set, modified then resubmitted with the last token. The last token, must be used the next time, the use of the wrong token, corrupts the data, because it results in an incorrect transformation, because a one way hashing function is used, reversal is unfeasible, and tampering with the system changes its state, therefore it also 'corrupts' the data.

    neat eh :) it even amazes me.

    This type of system is actually used when licencing databases, and only a very small sub-set of the data is ever used, like PAF's. It can also be used when an unchangeable audit trail is required.

    A side effect is the document cannot even be 'official' copied either, it's actually removed from the system instead (where it could be copied and re-inserted). However the system would show this as a new document not the original.

    I'm not sure if I see how this couldn't be circumvented by dropping in a new DLL on top of InTether that decrypts the file, but *doesn't* enforce the copy-protection scheme?

    Doesn't work like that, if the copy protection scheme is not used the 'data' becomes garbage rather than information.

    Plus, how does it control this in the first place? Where in the Win API is this level of control possible? Sounds almost like it must replace Windows kernel calls, which would mean it's hard for it to keep pace with Windows releases...

    Implemented on Windows, it would almost certainly leak information via the VM, & therefore to the disk. Unless the implementing software engineer, actually got in below windows.

  52. Remember the "Cortex Bomb" from "Shadowrunner"? by Roark451 · · Score: 1

    This sounds sorta like a comparable version for your files.

    -----------

    --
    "It takes a big man to cry, but it takes a bigger man to laugh at that man."
  53. No way this will ever work by homer_ca · · Score: 1

    This is security based on a trusted client, the file viewer. If there's any way at all to tamper with the client, the security model breaks down.

  54. What if I by jimlintott · · Score: 1

    Copy the file onto a CDROM and then try to hack it? How will it destroy it then?
    Anything like this that ignores the fact that Windows is not the only OS is dead before it started.

  55. Re:Any idea how this works? by phil+reed · · Score: 2

    Plus, what's to keep me from (1) uninstalling the software; (2) backing the file up to CDROM; (3) hacking on the read-only copy? Especially if I combine it with some of the other features, like removing the right to reboot the machine?


    ...phil

    --

    ...phil
    "For a list of the ways which technology has failed to improve our quality of life, press 3."
  56. You CAN'T secure against a local user. by ka9dgx · · Score: 2
    It's nice to know they're trying, but it's impossible to secure against someone with physical access to the hardware. Two attacks come to mind immediately:
    • Run Windows inside of VMware
    • Run a program such as GoBack
    Either way you capture the data, and can go from there. You could also pull out the good old sector editors, etc.

    I don't know why people insist that some things computer related should be ephemeral, and undocumentable, but they're racking up some massively bad karma along the way. It'll bite back.

    --Mike--

    1. Re:You CAN'T secure against a local user. by hemp · · Score: 1


      I beta(maybe alpha??) tested this last year...didn't work as claimed...spent 5 minutes on the phone with a developer...explained the email standard at my company is Groupwise...never heard back from them again...maybe it only works with Microsoft products??

      --
      Skip ------ See the latest from http://www.anArchyFortWorth.com
  57. Simple, just use another OS to read them by rvaniwaa · · Score: 1

    Why could not someone just try opening the document under another operating system like Linux? The bits within the document must exist somewhere and one must be able to read them and then attempt to decrypt them at that time...

    --
    main(i){(10-putchar(((25208>>3*(i+=3))&7)+(i ?i-4?100:65:10)))?main(i-4):i;}
  58. Snake oil for the 21st century! by Cyberdyne · · Score: 2
    Oh dear. Another company producing another "copy prevention system"... There's only one guarantee here, people: IT WON'T WORK. Why? The Church-Turing Thesis, if I remember the name correctly: a principle that any computer can emulate any other.

    More to the point, if I put enough effort in, I can set up a perfect emulation of a Windows PC here on my Linux box. (Think in terms of running the real Windows under VMWare.) I can then hack that emulation so everything sent to the "screen" really goes to disk. Whatever method you use to detect your software is running under emulation, I can work around - run a benchmark? I just tweak the emulation's system timer so you think you're running realtime.

    They might be able to get somewhere by using Net access, and sending cryptographic challenges across the wire with very tight deadlines; eventually, though, the software will decrypt the content and try to display it. At that point, it hits a debugger breakpoint, and I dump the whole of the process's memory to disk. Whoops - that's your "protected" content, sitting on disk unencrypted. And now I've killed your program off - how are you going to delete it now? You can't.

    Nice try, guys, but you're never going to win: what you're trying to do is impossible. I suspect these guys know that perfectly well, though, and they're just planning to make a quick buck out of their "magic bullet" software from those who don't realise the flaws.

    Schneier points out something along these lines towards the end, but doesn't seem to be given as much attention as it deserved: listen to him, he's right!

    1. Re:Snake oil for the 21st century! by rarose · · Score: 1

      Tackhead,
      Are you the i-Opener forum's Tackhead? Good to see you're still around.
      "Roastbeef"

      --
      --Rob
    2. Re:Snake oil for the 21st century! by Kitanin · · Score: 1
      Finally---the FUD factor: Multiple "snake-oil crypto" signs are here... "11 different layers", as though that makes it more secure than, say, 10 different layers? More layers mean more security, right? I mean, there are more of them!

      ITYM:


      ``But, ours go to eleven.''


      Personally, I suspect it's probably undecuple ROT-13.


      --


      Teach your kids: "C++ made baby Jesus cry."
  59. I Wonder... by ScottBrady · · Score: 2


    I can just see it now:

    C:\> CD C:\MUSIC
    C:\MUSIC> COPY
    **** WARNING ****

    Leet Hackering Detected!

    Piracy Counter-measures Activated!

    "DEL C:\MUSIC" Completed.

    Incident Report Filed with the DMCA Task Force... the Paddy Wagon is on its way.

    Hey, it could happen...

    --
    Scott Brady

    1. Re:I Wonder... by Von+Rex · · Score: 1

      At least he contributes. What the fuck do you ever do, besides leave single-line insults without the slightest trace of wit or relevance?

      Yes, you're a troll, but you're still a person sitting behind that keyboard. Don't you have anything better to do?

    2. Re:I Wonder... by dr.+greenthumb · · Score: 1

      And what the fuck do you ever do, besides leave single-line insults without the slightest trace of wit or relevance? :)

  60. Re:Six Minutes? by brain159 · · Score: 1

    bollocks to that, pick your own key pair and re-sign your haxx0r3d code and hack the Public key into the software. Just because the public key in the software lets it verify its hashes, doesn't mean it's their original key set!

  61. Re:Any idea how this works? by rarose · · Score: 1

    As I mentioned in another post, they've got to be looking at the messages going through the Windows Event Queue... filtering out ones related to Copy/Print/etc. Any app that uses nonstandard message tokens should work... also this provides the first step to start disassembling the security code: what message tokens are they looking for, etc.

    --
    --Rob
  62. Re:A little extreme, don't you think? by rgmoore · · Score: 1

    Yes it is different. The ink tags get taken off when you buy the clothes, while the autodestruct gets left on the files permanently.

    --

    There's no point in questioning authority if you aren't going to listen to the answers.

  63. Re:Six Minutes? by Jeremy+Erwin · · Score: 2

    I moved to Linux primarily to avoid reboots. In fact, rebooting requires root and/or console privileges.

    Why should I extend those same privileges to an idiot content manager?

  64. Re:Six Minutes? by alehmann · · Score: 1

    Don't worry; it's a flawed concept anyway. For example, replacing the instructions in the program that cause the reboot with NOPs can combat something like this effectively. I'm tempted to set up a Windows environment in a sandbox just to break this.

    TRUSTED CLIENT DOES NOT WORK

  65. Windows already does this by Urmane · · Score: 1

    Windows already does this, but incorporates a unique randomness factor: you might lose your file, you might not. The function includes a plug-in feature, allowing third-parties to write scripts, or "viruses", that can also delete files, randomly or not.

    --
    "I find your lack of faith disturbing." -- Darth Vader
  66. Something similar screwed our company once by birder · · Score: 1

    These drastic measures never work.

    A few years ago, some paranoid security officer convinced senior management to encrypt all the computer hard drives. The software was awful. They started with senior managers and were working down to the peons.

    Well, after 2 or 3 of them lost everything on their hard disks (completely unrecoverable due to the encryption) the idea was quickly squashed.

  67. Just take a picture of your monitor.... by Anonymous+C0vvvvv4rd · · Score: 1

    One photo of the monitor, and the document is saved. Bam.
    May be difficult with large documents...

  68. Use VMWare as a work around by rvaniwaa · · Score: 1

    Here is another way around the system. "receive" the file onto a virtual machine and store it on a virtual disk. Then, make many copies of the virtual disk. Now, you have made many copies of the file and can open it as many times as you want.

    --
    main(i){(10-putchar(((25208>>3*(i+=3))&7)+(i ?i-4?100:65:10)))?main(i-4):i;}
  69. Stop THIS by Viking+Coder · · Score: 1
    So, I download and install their software on a fresh Windows install on a brand new 80G hard drive. Then, I proceed to pay for an unlimited play license for every album in the Billboard 200. So far, InTether is happy, the music-copyright-owners are happy, everybody's happy.

    Then, I make a physical copy of my hard-drive using some handy-dandy sector-copying tools that don't run under Windows. Onto a brand new 80G hard drive. Which I then sell to someone for the cost of the hard drive plus a small fraction of the cost I paid for the music. Repeat a million times.

    Granted, I live on Sealand and eat only cans of beans for food, and have all sorts of friends I stay in touch with via my shortwave radio... I mean, sure - it's still ILLEGAL - but it's technically POSSIBLE.

    Morons should be punished. And these guys are standing in line. The only thing that protects them from my proposal is that it's inconvenient to reinstall Windows. TYPICALLY people don't want to throw away their files with a new install. But the problem is that nothing prevents the files from being PHYSICALLY COPIED. And as long as the system doesn't protect itself further, these guys are screwed.

    They'd have to 1) Register me with a unique ID in their system. 2) Encrypt each file authorized for me with my unique ID. 3) Authorize me to use the file, via the internet, EVERY time I wanted to use the file. Sounds like they're not doing any of those things. Sounds like they're nowhere NEAR as secure as they pretend.

    The article itself quotes Bruce Schneier beautifully, "Digital files cannot be made uncopyable, any more than water can be made not wet."

    --
    Education is the silver bullet.
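
The three measures listed in comment 69 (a unique ID per user, each file encrypted for that ID, and online authorization on every open), sketched as an added example that is not part of the thread and not InTether's design. `LicenseServer`, the lease policy and the session names are hypothetical, and the HMAC-based cipher is a standard-library stand-in for a real AEAD.

```python
import hashlib
import hmac
import secrets
import struct


def _prf(key, *parts):
    """HMAC-SHA256 over length-prefixed parts (no ambiguous concatenation)."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for p in parts:
        mac.update(struct.pack(">I", len(p)) + p)
    return mac.digest()


def _keystream(enc_key, nonce, length):
    return b"".join(_prf(enc_key, nonce, struct.pack(">Q", i))
                    for i in range(length // 32 + 1))


def seal(key, plaintext):
    """Encrypt-then-MAC with an HMAC counter-mode keystream.
    Stand-in for a real AEAD such as AES-GCM; illustration only."""
    nonce = secrets.token_bytes(16)
    enc_key, mac_key = _prf(key, b"enc"), _prf(key, b"mac")
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    return nonce + ct + _prf(mac_key, nonce, ct)


def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    enc_key, mac_key = _prf(key, b"enc"), _prf(key, b"mac")
    if not hmac.compare_digest(tag, _prf(mac_key, nonce, ct)):
        raise ValueError("wrong key or tampered file")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))


class LicenseServer:
    """Hypothetical server. The checks live here because the user's machine
    (disk images, clones, patched clients) is outside the vendor's control."""

    def __init__(self, lease_seconds=300, max_leases=1):
        self._master = secrets.token_bytes(32)  # never leaves the server
        self._users = set()
        self._licenses = set()                  # (user_id, file_id) pairs sold
        self._leases = {}                       # (user_id, file_id) -> {session: expiry}
        self.lease_seconds = lease_seconds
        self.max_leases = max_leases

    def register(self):
        """Step 1: a unique ID per user."""
        user_id = secrets.token_hex(8)
        self._users.add(user_id)
        return user_id

    def _file_key(self, user_id, file_id):
        return _prf(self._master, b"file-key", user_id.encode(), file_id.encode())

    def package(self, user_id, file_id, content):
        """Step 2: the ciphertext shipped to a user is bound to that user's ID."""
        if user_id not in self._users:
            raise KeyError("unknown user")
        self._licenses.add((user_id, file_id))
        return seal(self._file_key(user_id, file_id), content)

    def authorize(self, user_id, file_id, session_id, now):
        """Step 3: called on every open. Returns the file key or None."""
        if (user_id, file_id) not in self._licenses:
            return None
        leases = self._leases.setdefault((user_id, file_id), {})
        for sid in [s for s, expiry in leases.items() if expiry <= now]:
            del leases[sid]                     # drop expired leases
        if session_id not in leases and len(leases) >= self.max_leases:
            return None                         # licence already in use elsewhere
        leases[session_id] = now + self.lease_seconds
        return self._file_key(user_id, file_id)


def demo():
    """Constructed scenario: one buyer, one cloned disk, one unrelated user."""
    server = LicenseServer(lease_seconds=300, max_leases=1)
    alice, bob = server.register(), server.register()
    blob = server.package(alice, "album-001", b"constructed sample content")
    out = {}
    key = server.authorize(alice, "album-001", "session-A", now=1000)
    out["owner_opens"] = unseal(key, blob)
    # A sector-copied disk carries Alice's ID and ciphertext, so it shows up
    # as a second concurrent session under the same licence.
    out["clone_concurrent"] = server.authorize(alice, "album-001", "session-B", now=1010)
    # The lease only limits concurrency: once it lapses, the clone is served.
    out["clone_after_expiry"] = server.authorize(alice, "album-001", "session-B", now=1400) is not None
    out["other_user"] = server.authorize(bob, "album-001", "session-C", now=1000)
    return out


if __name__ == "__main__":
    print(demo())
```

The server can cap how many copies are usable at once, but any session it does authorize ends up holding the key and the plaintext, which is the limit the Schneier quote in the comment describes.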
  70. Re:Any idea how this works? by FreeMath · · Score: 1
    As far as I can tell there are two parts, (i) A set of compatible programmes to use the documents and (ii) some sort of programme that runs all the time to watch access over the special files to make sure you are not accessing them without permission.

    So, just disable the second programme or move the file to a system without the second programme.

    --
    This sig intentionally left blank.
  71. fantastic! by nadsley · · Score: 1

    Now those of us in IT will always have jobs, doing file restores if nothing else!!! end users: "I don't understand, my secure file just disappeared off my harddrive"

  72. Nothing new, really... by zyqqh · · Score: 3

    Back in the days of yore before I saw The Light of real OSen, my MS Word 95 would spontaneously do the same thing to random documents after some random actions. Microsoft -- half a decade ahead of the game, yet again!

    --
    // zyqqh
  73. Re:A little extreme, don't you think? by b0z · · Score: 3

    I can see this coming in handy at work as well. Any time a user sends me requirements for a project, I simply type in the wrong password...I can continue reading slashdot and kuro5hin indefinitely now. :o)

    --
    Better a cholo than in bad company.
  74. Usability testing - Proving my point for me... by Bonker · · Score: 2

    I believe that usability testing is performed not by developers.

    This is a copout on the part of lazy elitist programmers. "We're the only developers there are. Everyone else is marketing..." Cry me a fucking river, you pansy.

    If you add to a given piece of software, be it in the form of code, graphics, bug-testing, or usability-testing, you're helping to develop that software. You can make the distinction that a programmer is not responsible for testing if you work in a large programming department that has a testing or 'quality assurance' section working alongside it.

    How many Linux developers have 'quality assurance' departments backing them up? How many have usability testing labs backing them up? Being that +90% of Linux development is done on a volunteer basis, not very damn many, I would imagine.

    If you release a program, you are responsible for making sure that the testing gets done, usability or otherwise.

    If you don't make your program usable by Granny and Uncle Jimbo, you're just contributing to Microsoft and Corporate Content's stranglehold on the computer industry and intellectual property.

    --
    The next Slashdot story will be ready soon, but subscribers can beat the rush and slashdot the links early!
  75. Re:Any idea how this works? by ucblockhead · · Score: 2
    No, but I have a lot of ideas of how to beat it.

    The prime reason this will fail utterly is that Windows was not designed as a multiuser system. Because of this, most Windows boxes give the user full control over what is on their machines. Someone with enough coding skills can use this to pull all kinds of interesting information out of other processes. Using the debug functions and appropriate care, I suspect a hacker could create a toothless version fairly easily.

    --
    The cake is a pie
  76. Won't Work! by jd · · Score: 2
    Sorry, guys, but this simply won't work. Let's say that Cracker Joe wants to get hold of the Top Secret recipe for Burned Cookies, at Food Lion.

    First thing he does is divert INT 13 and have it copy everything going to/from disk into some safe storage place.

    Then, he waits for the regularly-scheduled backup. Voila! He gets a mirror of everything on the drive, WITHOUT having to plough through some software package that could blow everything up.

    Now, this approach CERTAINLY works for diplomatic briefcases, where there is one (and only one) access point, and where the contents are physical and therefore cannot be cloned without removal.

    In the digital world, this approach is naive. You can mass-copy data, without ever "visibly" touching the original. Suicide switches become useless, in such cases, as there's no guarantee that an intruder will ever trigger the switch.

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
  77. Simple solution by Isaac-Lew · · Score: 1

    Take a screenshot of the document :)

  78. RIAA drooling by Alien54 · · Score: 2
    This is going to require enforced widespread adoption, but I can see the RIAA, etc. drooling over this. But I can also see the consumers for this avoiding it as the word gets out.

    Depending on the media, the workaround may be as easy as a patch cord, or knowing how to boot to safe mode.

    Some info from the article:

    InTether's most intriguing features are those intended to rebuff hackers. To begin with, Friedman says, the system incorporates 11 layers of security defenses. "All have to be successfully navigated" in order to hack the system. "But one piece does nothing but check continually the integrity of the other pieces," he says. "If you could disable a certain piece, within milliseconds our system would know."

    At that point -- probably before, he says -- InTether begins taking counter measures. One relatively mild step is to force you to reboot your computer. But if the hacker persists, and continues making "aggressive" attempts to disable InTether's defenses or pierce its vault, he'll get what Friedman calls "the white screen of death." His InTether receiver, together with all the InTethered files stored inside it, will be destroyed. Attacks "would have to be pretty aggressive and multiple" in order to trigger the white screen of death, Friedman says, not so reassuringly.

    As a side note: It turns out that when an InTethered file is open -- say, a Word document -- the user cannot copy, cut, paste, or print any other Word document on his computer, including those that have not been InTethered. That's because, Friedman later explained, InTether imposes restrictions at the application level. But once the InTethered file was closed, the spell was lifted, and all normal operations resumed.

    --
    "It is a greater offense to steal men's labor, than their clothes"
  79. could files on readonly cd be protected with this? by guest12 · · Score: 1

    (if possible to burn, that is)

  80. Re:Good idea by matrix29 · · Score: 1

    MICROSOFT - Join the suicide cult. From what I get, you cannot make backups (copies) of the file. First backup and all of the "protected" files go *BOOM*. In a sad way I'm rooting for this to happen. Finally no more idiots will rule the world because they upgraded to WINDOWS XP, tried to backup their files, *BOOM* the hard drive is erased. All of the peons that ignored MICROSOFT's death wish or used LINUX survive, rule the world. AOL dies instantly and TIME/WARNER/MEGAOPOLY/SATAN self-combusts in a cloud of their own idiocy. This also means the end of the MS-moron-server-ran internet except for the stable UNIX servers.

    --
    "Face it, a nation that maintains a 72% approval rating on George W. Bush is a nation with a very loose grip on reality.
  81. Re:Sure, that makes sense by BlowCat · · Score: 1
    I suggest you go back to your elementary, intermediate, and high schools, and find out why they passed such an illiterate, incompetant fool.
    Nice to see that most fools here are highly competant.
  82. This sounds good.... by the_crowbar · · Score: 3

    Don't worry, your documents will never fall into the wrong hands....no one will have them. Hope your backups are good.

    --
    Have you read the Moderator Guidelines
  83. A little extreme, don't you think? by rellort · · Score: 5

    The security system destroys a document if it thinks someone is trying to access it illegally?

    So what you're saying is... my kid can blow up my dissertation by sitting at the keyboard and banging random keys?

    That's kind of why I password-locked my computer in the first place, fellas. :)

    --

    -- In the future, everyone will code Perl for 15 minutes. --
    1. Re:A little extreme, don't you think? by Bingo+Foo · · Score: 2
      No different from those ink cartridge theft-protection tags on clothing at department stores, is it?

      Bingo Foo

      ---

      --
      taken! (by Davidleeroth) Thanks Bingo Foo!
  84. Re:What about... by Azog · · Score: 3

    Exactly... look out, or the Turing theory of machine equivalences will become restricted information under the DMCA! (Any Turing-complete computer can emulate any other Turing-complete computer.) Heh. Teaching theoretical computer science will become illegal! Really, that's the logical end result of the DMCA.

    That would be the obvious way to break this thing... Use Wine, or VMWare, or whatever to emulate a regular Windows machine so completely that the software running on it can't tell it isn't talking to the hardware.

    Then your "virtual video card" can make copies of anything, and your "virtual sound card" can save everything to disk, and the pathetic copy management software running in the emulator doesn't know and can't stop it.

    Of course, it might be difficult to write a good enough emulator. One obvious challenge would be for the copy management software to only allow playback/display on devices with digitally signed drivers. If I understand how VMWare works, that would be a problem because VMWare uses special Windows video and sound drivers that interface to the VMware virtual machine. But that can be solved as well, by emulating the video and sound hardware and running signed drivers on it.

    The only way this stuff could ever be somewhat secure is if the software runs on sealed-box, tamper-proof, non-upgradable, un-documented hardware. That would make writing an emulator so difficult that most people wouldn't bother.

    These companies should stop wasting everyone's time and just change their business models. I, for one, would be happy to pay for a music downloading service that reliably supplied me with top-quality, high bitrate MP3s, or even better, Vorbis Ogg files. Of course, the price should be fair (i.e. low), I should be able to get just one or two songs without having to buy the whole album, and most of the money should go to the artist. One dollar per song would be acceptable to me, and the artists could make more money that way.

    But that destroys the business model of the big record labels, so they will fight it to the death... their business death or the death of our freedom, whichever is the weakest.

    Torrey Hoffman (Azog)

    --
    Torrey Hoffman (Azog)
    "HTML needs a rant tag" - Alan Cox
  85. Saves a lot of trouble by still+cynical · · Score: 1

    It used to be that you had to have access of some sort to destroy someone's data. Now all you have to do is try to hack it! Poof!

    --
    Ignorance is the root of all evil.
    1. Re:Saves a lot of trouble by Anonymous Coward · · Score: 1

      I'm the protected virus document that never ends, someone wrote me not knowing what I'd do, and now I keep transmitting myself until someone violates the DMCA to figure out how I work, because I'm the protected virus document that never ends...

  86. Sure, that makes sense by BillyGoatThree · · Score: 2

    "We had to destroy the copy to protect it."

    This would actually be really easy to implement on Windows. Just make it editable by Word. The user tries to "hack it" (i.e. open the file)--immediately AutoCorrect jumps in and "corrects" the spelling of everything so that it is largely illegible, meanwhile AutoGrammarNazi underlines anything not found in a Dr Seuss book. Then 30 seconds later AutoSave activates and saves the document, destroying it utterly.
    --
    324006
    1. Re:Sure, that makes sense by jimlintott · · Score: 1

      If you want to try some truly powerful software try LyX.

      The only real word processor I've ever used.

      I'll bet that you wish /. had a grammar checker. It might have stopped you from using that last sentence.

  87. screen capture by Col.+Klink+(retired) · · Score: 2

    Yes, I know, they disable the Windows OS screen capture. But you run a VMware session where the entire guest OS appears in a single window. Microsoft Windows can't stop Linux from capturing that screen.

    In addition to VMware, I'd like to see how it handles a VNC server. Would a VNC client fail to display a protected document? If not, you can screen dump the VNC session.

    Screen captures, of course, won't help you with audio files. I assume VMware virtualizes the sound card as well though, so Windows won't stop audio captures there either.

    --

    -- Don't Tase me, bro!

  88. Good idea by Ravenscall · · Score: 1

    Information that cannot be accessed without destroying said information would be quite secure.

    You had just better make sure that you run your backups EVERY DAY.

    Although with the increased instance of intrusions in the past few years as the armies of Skiddies swell, it almost makes one wonder how often you would be running said backups.

    Also, how easy would it be to crack?

    --
    You say you want a revolution....
  89. Re:Any idea how this works? by Captn+Pepe · · Score: 1

    The trouble with implementing schemes like this is that the cryptographic protocol is almost always the strongest link in the chain. Much easier to attack other parts of the cryptosystem, such as key management, user interface, etc.

    Examples: the article mentions that the decryption keys are stored in the "receiver" app. Okay -- disassemble the app, take key, you're in. Another way to do this would be to develop a patch for the binary that no-ops the syscalls that disable printing and the like, but leaves the crypto in place.

    Zero-knowledge protocols are cool stuff, but they share a key weakness with many other crypto algorithms: they are deceptively strong. Thus, it is very easy to lose sight of the fact that the application is pretty much guaranteed to be the point of attack, and should be designed accordingly.

    As Schneier has pointed out before, this type of scheme probably cannot be implemented -- PCs are intrinsically untrusted platforms. The application cannot be certain that it isn't running in an emulator. If it tries to "protect" the data by wiping the files, it cannot know whether the user will try again, learning from past mistakes, by restoring everything from a disk image. Is there any general way to distinguish between Word and a pipe to a file programmed to present Word's API? No.

    --

    Quantum mechanics: the dreams that stuff is made of.
  90. they do by Anonymous+C0vvvvv4rd · · Score: 1

    The article says that they do disable print-screen.

  91. Bah, this is ileagle by G00F · · Score: 1

    Word perfect did something like this way back in the day (5.x days). They ended up getting sued.

    It's been so long, but what I do remember is that some organization didn't pay for it and the copy protection wouldn't let them have access to any of their files until they paid. I think it encrypted it or something.

    Anyone remember this?

    --
    The spirit of resistance to government is so valuable on certain occasions that I wish it to be always kept alive
  92. Virtualization? by EllisDees · · Score: 1

    Would running this program on Wine or any other windows emulation software aid in bypassing the security measures?

    --
    -- Give me ambiguity or give me something else!
  93. Screenprint by ucblockhead · · Score: 2

    I'm really curious to know if they thought to do something to the screen-print.

    Not curious enough to install, though...

    --
    The cake is a pie
  94. The needed Jargon files link by jonr · · Score: 1

    http://www.clueless.com/jargon4.2.0/html/entry/write-only-memory.html

  95. Any idea how this works? by msuzio · · Score: 2

    Any Windows-heads out there have an idea how this might be implemented? I'm not sure if I see how this couldn't be circumvented by dropping in a new DLL on top of InTether that decrypts the file, but *doesn't* enforce the copy-protection scheme?
    Plus, how does it control this in the first place? Where in the Win API is this level of control possible? Sounds almost like it must replace Windows kernel calls, which would mean it's hard for it to keep pace with Windows releases...

    1. Re:Any idea how this works? by Carnivore · · Score: 1

      It'll probably delete the "data crypt" on uninstall... but I bet you could boot in good ol' DOS and make some sort of copy.

    2. Re:Any idea how this works? by miket · · Score: 1

      I have been writing Windows 2000 device drivers for the last year. I have not looked at the details of this product but do understand Windows. The only way that a piece of software can exhibit the kind of control (in Win2k) that this claims is through a device driver. Device drivers are considered trusted parts of the operating system that have access to anything that Windows can control. Security measures can be completely bypassed when running in kernel mode. And this leads us to how to beat it. Another device driver would be able to undo anything that this thing can do. Perhaps that means that one of the other security mechanisms would kick in and redo it. But the attack that can not be prevented is to read the unprotected data directly out of memory using other kernel mode code. Then the data can be written to disk or whatever you want to do with it. Even better, newer versions of Windows (Win98 and Win2k) allow drivers to be layered on top of one another. Perhaps there would even be a way to write a driver that would layer itself over the InTether driver and actively copy the uncopyable data. Bottom line, if you are willing to dig into Windows internals this can be defeated as easily as anything else.

      --
      Imagination is more important than knowledge. --Albert Einstein
  96. Not VMware, Hibernate! by Domini · · Score: 2

    Let alone VMware, what about windows hibernation support... you don't need fancy software to get a memory dump!

    :)

  97. yeah, I'm sure this works... by Anonymous+C0vvvvv4rd · · Score: 1

    This system looks *real* secure. Instead of encrypting the files, we simply try to get in the way of you accessing it... as long as you try to access it in the expected ways. Wonder how long it'll take somebody to find a hole in this one...

    Oh, and they misspelled "cracker".

  98. As if Microsoft Word needed any help in mangling by Shivetya · · Score: 1

    As if Microsoft Word needed any help in mangling documents... Now I can have self-destruction documents...

    Gee, I thought that's what happened when I pressed the little Disk icon to save one.

    --
    * Winners compare their achievements to their goals, losers compare theirs to that of others.
  99. Reading the Document by jjr · · Score: 1

    Could be done by taking the document directly from the hard drive from another OS. Unless they encrypt the document before it saves it to the hard drive. Well, we will see how long it takes for someone to find a way around it.

  100. Re:My favorite part ... by 91degrees · · Score: 1

    My experience of the "hacker crowd" suggests that a lot of them will relish the opportunity to break another "copy protection system"

  101. What about... by _Marvin_ · · Score: 3

    ... running it in VMWare, then suspending the
    virtual machine and looking in the RAM file...?
    Bet they didn't think of that!
    Muahahahaha.....

    --
    "We won't use guns, we won't use bombs, we'll use the one thing we've got more of and that's our minds" - Pulp
  102. Easy to hack from a Dual Boot System or Emulator by spiro_killglance · · Score: 2

    From the article, InTether works on Windows and uses the OS to check if its code or documents are being hacked. But if you boot into Linux (or any other OS on the system) and access the InTether software from there, it can't fight back.
    Obviously any such system can always be hacked because software can never prove that the environment it is running in is working as it expected. Such software could be running on an emulator, or with a modified OS, or faked hardware abstraction level, that subverts its action, and the content protection system would never be able to detect it.

  103. You've managed to miss the point completely by Rix · · Score: 1

    Most Linux software is written to scratch a developer's itch - not for "Granny and Uncle Jimbo". If they want to change it to suit their tastes (or pay someone to do so), that's just fine.

    But don't expect people to waste time on idiot proofing if they don't see the need. If you care about it, you could always do it yourself.
    Cheers,

    Rick Kirkland

  104. vmware by Chris+Hiner · · Score: 1

    So, I'll just run it in vmware, with an undoable partition... It deletes it, I revert the partition back to its prior status...

    If you control the hardware, you can control the software.

  105. Six Minutes? by skeller · · Score: 2
    Since the fastest reboot is about six minutes, he says, this defense alone creates a serious obstacle for most automated, so-called brute-force hacking tools, which ordinarily bombard a digital-rights management technology with 50,000 trial-and-error attacks per second.

    SIX MINUTES? My computer can boot Win98 in under a minute. Christ, if this thing fucks up Windows even more to the point where it's taking me six minutes to boot up, there's no chance I'm touching it with a ten foot pole...

  106. So it's a docbroker, big deal. by coupland · · Score: 2

    Strangely the article makes this technology out to be groundbreaking and original. This is just a docbroker a-la Documentum Workspace that features encryption and the ability to delete files that haven't been checked out of the docbase properly (or legally). There's nothing too original about this.

    I think the implication to most users is no different than most proprietary software and file formats. This is a proprietary system that you need to voluntarily subscribe to that imposes restrictions on you as a user using an obscured client and protocol. If you opt to use the system, you agree to its restrictions. There are free alternatives (Ogg Vorbis?) -- if you really want to make a difference you'll cast your vote in favour of these.


    ---
  107. My favorite part ... by LordNimon · · Score: 1
    The hacker crowd may not be as thrilled by this whole development, of course. On the other hand, if they can put aside their initial horror at InTether's potential for protecting intellectual property, and focus instead on its exciting potential as a tool for enhancing private and confidential communications, they may reconsider.

    All I can say is: hahahahahahaha!!!!!!! He's a moron if he thinks the "hacker crowd" is some unified group of people who all think alike. And he's doubly stupid if he thinks that this aforementioned "hacker crowd" believes that InTether will be used primarily to enhance privacy. Sorry bud, you're not fooling anyone.

    Did anyone else get the feeling that this article reads more like an advertisement than an unbiased review?
    --
    And the men who hold high places must be the ones who start
    To mold a new reality... closer to the heart
  108. Once the conflict is taken to this level ... by gotan · · Score: 2

    Don't you think it might provoke a response on the same level? Some "Freedom Terrorists" or the like who simply go and shoot some RIAA executives in response to such an attack. And before you declare the forming of such a group absurd: note that there already exist terrorist groupings with idealistic aims (whatever underlying agendas there may be) and that they apparently manage to recruit people. Also note, that the RIAA (for an example) is highly vulnerable to Hacker attacks (hacktivism). There is no need to shoot their executives, when a skilled hacker can hit at them from the other side of the planet.

    No, i don't think it would be wise of corporations to escalate the conflict to that level. Also those squads just *might* get caught (remember Rainbow Warrior and how it was smeared all over the French Government?) and even if not the public will make the connection (if someone sent a squad to destroy napsterservers everyone in the world would know who had an interest there).

    --
    "By the way if anyone here is in advertising or marketing... kill yourself." -- Bill Hicks
  109. Anti-theft measures by Bios_Hakr · · Score: 2

    Personally, I think that it is kinda cool that in the midst of all the RIAA lawsuit fiasco, someone is actually working on a technical solution. I have nothing against Napster, warez, serialz, cardz, etc...but I do acknowledge that they are mainly used for theft.

    Instead of fighting hackers with the law, these people are fighting hackers with hackers. At least the game will get a lot more interesting than the "My government can beat up your server" game that we are playing now.

    --
    I'd rather you do it wrong, than for me to have to do it at all.