Document-Destroying Copy Protection System

Jeff Scarpace writes: "Defense and intelligence alums, including former Defense Secretary Frank Carlucci, are marketing a copy-protection system that works by taking control of your computer. Try to hack InTether, the creators say, and it destroys the document. Check out the article article here." Strangely, this system works only with Windows. Hmmm. Interesting too is the mention of SPOCK, or Security Proof-of-Concept Keystone.

Re:Snake oil for the 21st century!

[Tackhead]

There's a reason he's going to Disney and AOL, and it ain't just because they pay better.

Note the only "military" application: Preventing casual users of turnkey systems ("Here, Sargeant. Use this machine.") from inadvertently emailing sensitive documents home.

Note what isn't in his DOD application: Preventing highly-trained adversaries (spies) from gaining access to the data.

Finally - the FUD factor: Multiple "snake-oil crypto" signs are here... "11 different layers", as though that makes it more secure than, say, 10 different layers? More layers mean more security, right? I mean, there are more of them! Or phrases like "white screen of death", as opposed to "if the software detects tampering, it deletes itself".

It's a cute hack to wrap DRM in an executable and bundle it with a file for 'doze, but it's hardly worthy of the "military grade document-destroying copy protection system" kind of hype it got in the puff piece at inside.com.

Go, Schneier, go.

Linux is to Windows as Control is to Regulation

[Bonker]

The more and more content providors, be they government, entertainment or computer industry want to control information, the more and more Microsoft complies, probably more than anything to get on the government's good side. This is a disturbing trend, but sadly, not a surprising one.

Since this system and others like it are by definition incompatible with open-source software like Linux, Linux has become the defacto standard if you want to be sure that you control your own computer and the information on it. The benifits are plain to see. You can 'hack' any document you choose and know the format for, be it a PDF (as mentioned in previous story) or something that is marked as secret, or something like the format listed here.

Linux gives users the ability to control their information.

Turn that around and you can see that Microsoft is building all sorts of hooks into newer versions of Windows that allow companies to try to enforce copy control and try to preserve their 'intellectual property rights'.

Windows gives companies the ability to control their information.

If it were this simple, it's obvious what operating system that the masses would prefer if given this choice. Unfortuneately, Linux developers have shown again and again that they have no people skills, and therefore no ability to make their software usuably by Granny and Uncle Jimbo. The vast majority of Linux software has had no usability testing whatsoever. Compare this to Microsoft Windows and MacOS, for whom usuability testing with non-technical people is a major, albeit understated part of software development.

The onus here is on Linux developers and distributors. The software you work with and produce provides the ability to fight for freedom of information. Unfortuneately, these abilities go underused because the vast majority of computer users will never understand anything other than a simple point-and-click interface. Because Linux is a OS for hackers by hackers, the gains in information freedom it engenders will never be shared by the non-technically inclined.

Making Linux *easier* to use may dumb down the interface, but it means more freedom for all concerned, and therefore, a sweeter victory in the information wars.

simple (?) solution

[Noryungi]

This is a little bit more serious than my previous post...

I can think of, at least, two or three workarounds for this:

In windows 9x, restart under "DOS command line only" mode, then use an hex editor after copying the .EXE and the protected file to another computer. You can also boot from a FreeDOS or Caldera DOS diskette to do this.

Using WinICE under Windows, while executing the .EXE to "read" a file would certainly yield interesting results...

Under Linux, mount the Windows disk with appropriate rights and use Linux equivalents.

Cracking the encryption scheme is, of course, left as an exercise for the reader. But, come on, how much encryption and "security layers" can you hide in a 300 KB windows executable ?

Additionnal brownie points will be given to the reader who determines which compiler and programming language has been used to create this little thing. (Hint: look at the end of the EXE file for informative compiler strings).

Estimated time to crack: anywhere from 24 hours to 1 month.

Repeat after me: security through obscurity does not work. End of transmission.

A little extreme, don't you think?

[rellort]

The security system destroys a document if it thinks someone is trying to access it illegally?

So what your saying is... my kid can blow up my dissertation by sitting at the keyboard and banging random keys?

That's kind of why I password-locked my computer in the first place, fellas. :)

Re:Why it's Windows only?

[sulli]

Presumably requiring a six minute reboot cycle precludes developing a Linux or Mac version.

Correct. A Mac version would require a twelve minute reboot.

Re:Excellent!

[jimhill]

Ah, but you are missing the point that anti-DMCA people like me are trying to hammer home: this software will NOT allow legitimate, beneficial fair uses. The entire driving force behind the content industry's search for the perfect digital-rights management scheme is that digital control over digital content finally delivers the holy grail of pay-per-use into their hands. All they need is one or two more laws and maybe an object lesson or two wherein Norwegian teens or magazine publishers are slapped down by the bought guns of government to make their long-deferred dream a reality.

If I pay for a book or recording, I have an absolute and irrevocable right to do what I want to with it within my home. If I want to print a million copies and use the paper to insulate the house in winter, I have that right. Technology allows the publisher -- generally not the author, I might add -- to abridge my right. You'll pardon me if I don't get excited at that prospect.

Caught between a rock and a hard place: between distaste for those who would trade in copyrighted material without paying the creator his due and my utter loathing for the corporate swine whose millions have subverted the very government that allegedly exists to serve the people who feed the corporate machine.