From DRM to Rights Management Services

miladus writes "Microsoft has formed an academic Think Tank on Trustworthy Computing. The Academic Board is to advise Microsoft on 'security, privacy and reliability enhancements in[...] products and technologies so that Microsoft can obtain critical feedback on product and policy issues related to its Trustworthy Computing.' An interview with two members of the board is an interesting read, especially concerning the global implications of privacy. Of note, is the absence of DRM discussion. But DRM shows up as 'Rights Management Services' in the promised Widows Rights Management Services to be released later this year. it will deliver a 'platform-based approach to persistent policy rights for Web content and sensitive corporate documents of all types'"

Re:Good stuff

"Things like this are really essential, especially for companies and organizations that have concerns about confidential information."

No. Good security is essential for people handling confidential information. Would you want your bank records littered around insecure networks, protected by unbreakable MS-Word encryption? I'd rather trust my information to people I knew had no Microsoft software anywhere.

You need to keep information separated at work? For things like that, most people would consider PGPDisk and BSD firewalls not enough protection. At one place I work, any computer connected to certain network has to have its disk removed daily and locked in a safe. At another place I visited, there were no network connections leaving the site at all. Anyone who uses Microsoft security solutions has no business being given access to confidential information.

Re:What happens when MS has a new version of Offic

[Billly+Gates]

But without evidence they can sniff all they want and will find nothing. No evidence no case.

It is very hard to go after a corporation. You have to prove that companyA knew about the corruption and hid it. Kenith Lay just recieved $200 million from his involvment with Enron and is retiring in peace as a wealthy man. Why? He claimed he didn't know about what was going on in accounting. Since he moved the money he recieved to his retirement fund he avoided litagation from angry stock holders and co-workers. A very sneaky loophole indeed. He can't be prosecuted or sued. Hiding information is key to avoiding prosecution and obsrtucing justice. With drm this makes the doj's and fcc's power void. Microsoft had been doing this for years and got away with an EU investigation in 93 because of it.

The doj could not even prove that Microsoft strong armed OEM's to bundle office because of lack of evidence. They decided to go only after IE because of the one email from Gates about chocking their air supply since someone forgot to delete the email.

Your innocent until proven guilty and corporations can drag court cases for years because they have so much money. Timebombing and drm is perfect. With no data you can not prosecute anyone.

easy to do

[infonography]

Here's a good one check out this about CORDS [loc.gov]

" The U.S. Copyright Office Electronic Registration Recordation and Deposit System is the Copyright Office's system for registering claims over the Internet. Through the Internet, copyrighted works become available throughout the world instantaneously. As copying these digital works becomes easier, copyright protection is imperative."

Actually this could be cool, however following it to a illogical conclusion there are loopholes for massive abuse. A media file would have a locatable Digital signature that a filtering router could read. Check against a database for known bootlegs and you got your filter. (hmmm, run it on a linux box and finally get some RIAA/Evil use out of those longhaired geeks)

If no Digital sig is found then implant one and forward the file and new sig so the RIAA can add it to the registry for later review. Cause it could be a new burn of the latest N'Sync song or that one about Fred Durst telling Britney Spears to drop dead. you could plot the movement of files from user/site to user/site and show who gave what to who and when. You end up with a nifty tracking scheme.

This is a classic 'Man in the Middle' attack, one of those things the RIAA/MPAA wanted to do not so long ago.

Opps, You would have a way to hit them back. Say your ISP, the UofWhereEver goes and alters a music file with a fingerprint then they are subverting your property. If the file is legally obtained say self-produced then the original artist (you) will have a very clear case for copyright infringement. They will have created and distributed a reproduction of your recording for 'Commercial Gain' (acting as an agent for a speculative RIAA lawsuit), which is 99.94%, exactly the same as your copyrighted material.

So they have just violated Federal Copyright law by clandestinely adding a digital fingerprint. You can extract this new tag by doing a diff of the file against the orginal. Even a certain lackwitted judge in say Pennsylvania would be able to understand it then.

yes this is a rerun