Slashdot Mirror
From DRM to Rights Management Services
miladus writes "Microsoft has formed an academic Think
Tank on Trustworthy Computing. The Academic Board is to advise
Microsoft on 'security, privacy and reliability enhancements in[...]
products and technologies so that Microsoft can obtain critical
feedback on product and policy issues related to its Trustworthy
Computing.' An interview
with two members of the board is an interesting read, especially
concerning the global implications of privacy. Of note, is the absence
of DRM discussion.
But DRM shows up as 'Rights Management Services' in the promised Widows
Rights Management Services to be released later this year. it will
deliver a 'platform-based approach to persistent policy rights for
Web content and sensitive corporate documents of all types'"
Is Microsoft expanding to life insurance?
how much will those brainiacs get paid? I've never trusted "scientific" opinions from researchers paid by commercial companies. (What's more, I don't even trust most scientific opinions:)
So, Everyone that goes to the new version of Office will be locked into a forced upgrade stream? What happens when MS comes out with Office 12? Will everyone that uses 11 find that their documents suddenly "expire" because the new version of office is out?
:)
I don't like it. MS wants to control every 0 and 1 that flows through your computer.
Looks like its time to dig out the 'ole Commodore 64.
Just my 64k-is-enough-for-me's worth
-RickTheWizKid
There is a preview button...
A what? Oh, that thing next to submi
I am TheRaven on Soylent News
For example, where I work, we are required by law to have a level of security on certain information; this info should never be reaching people who do not fall under the same laws.
With a technology in place to protect that data, our jobs as the IT staff becomes much easier.
MS is, in my view, breaking new ground with this; some people may not like what they are doing, but you have to admit that nobody else is putting this stuff into their OS (when there is clearly a need for it).
Manipulate the moderator system! Mod someone as "overrated" today.
Hopefully MS will eat their own dogfood on this so their memo's stop leaking out, or maybe that's the whole driving force behind this.
"Not knowing when the dawn will come, I open every door." - Emily Dickinson
...the word "Trustworthy" in a direct connection with "Microsoft"? Wohooo... and I thought that only the Slashdot geeks had a sense of irony...
-- Power corrupts, but PowerPoint corrupts absolutely.
Can someone get the little Mozilla beast icon to eat the little Bill Gates beast icon and put us out of our grief?
*consoles self in reality distortion field*
*honk*
This is my sig. It's prescription, I swear. I need it for reading things... on the other side of things
The acronym of that would be RMS.... RMS is evil.. No wait... that *other* RMS.......
On a sidenote, I hadn't heard about MS changing their product line to 'Widows'..... Another interesting name change...
XML is like violence. If it doesn't solve the problem, use more.
Will Microsoft use drm to make sure the DOJ can not investigate them for illegal practices. If Bill Gates unfamouns email about choking netscapes air supply timebombs then the doj would have no evidence. Case closed!
http://saveie6.com/
What do you call computer users whose digital rights have all died because of their choice of platform/license agreement? Microsoft Widows.
http://tinyurl.com/4ny52
A better question would be
What happens when all media (from DVDs to web sites) is delivered with MS RMS?
Or easier... What happens when all mail from Outlook users come with this?
At least with this technology MS will not suffer so much with email leaks.
Maybe rights management is a needed solution to actual problem, but a real solution all should be based in open, free, and universally available standards.
It is very hard to go after a corporation. You have to prove that companyA knew about the corruption and hid it. Kenith Lay just recieved $200 million from his involvment with Enron and is retiring in peace as a wealthy man. Why? He claimed he didn't know about what was going on in accounting. Since he moved the money he recieved to his retirement fund he avoided litagation from angry stock holders and co-workers. A very sneaky loophole indeed. He can't be prosecuted or sued. Hiding information is key to avoiding prosecution and obsrtucing justice. With drm this makes the doj's and fcc's power void. Microsoft had been doing this for years and got away with an EU investigation in 93 because of it.
The doj could not even prove that Microsoft strong armed OEM's to bundle office because of lack of evidence. They decided to go only after IE because of the one email from Gates about chocking their air supply since someone forgot to delete the email.
Your innocent until proven guilty and corporations can drag court cases for years because they have so much money. Timebombing and drm is perfect. With no data you can not prosecute anyone.
http://saveie6.com/
How exactly is Digital Rights Management expected to work? Is the idea sort of a "this message will self destruct in five seconds" kind of deal? From DRM story to DRM story posted on Slashdot, I see the discussions range from privacy and data integrity to piracy or rights. The ability to cause sensitive data to disappear seems more like a technological tool that can be added to other tools for specific types of communication, not some imposition of our rights to download w4r3z on KaZaA or whatever. In fact, if I get sent an email that will self-destruct, what's keeping me from forwarding that message to a sendmail server with no such mechanism for message self-destruction, copying / pasting the message into a text document, or even screenshotting the contents? This comment isn't meant to flame or troll -- I simply want to know what I don't.
<:
but I think you must trust MS 100% before this can be considered a "good thing."
.).
"With a technology in place to protect that data, our jobs as the IT staff becomes much easier."
It's very simple, if, say, my medical information gets out 'cause some MSCE stopped thinking about security 'cause MS told them to, you better believe I am going to do everything in my power to destroy that incompetent individual's career.
I see people stupidly pick MS all the time for no other reason than it is "MS." Well guess what, most of the time things are NOT working as a result. That's fine, but when we are talking about security required by laws, you better make damn sure YOU actually understand the system you are implementing, and I have yet seen an MS product implemented by someone who actually had an understanding of the innerworkings of the product (though they did read the marketing brochure . .
Sdelat' Ameriku velikoy Snova!
While the implications of Microsoft being able to leverage ("embrace and extend") any built in DRM/CRM (Digital Rights Management/Content Rights Management) is disturbing, what worse is that companies are going to jump all over this kind of technology. It literally allows the company to control information from CEO right down to the mailboy's desktop. To a corporation that doesn't respect/trust/value its employees, this technology is a godsend, up there with keystroke loggers.
What's worse, is it will allow corporations to act with even more impunity. Microsoft isn't the only corporation whose business model could stand to gain something through DRM. They're talking about restricting what a person can do with data -- including preventing that "We're Dead if this thing shows up in court" memo from being printed by a Whistleblower.
Letting corporations act solely in their best interest, and preventing the individual from counter acting in his, is a dire formula for a free society.
If you can't read or spell of what use is previewing?
KFG
You could have rights managment systems out the yinyang, but if the software running it is full of bugs, buffer overflows, back doors, code that auto preruns unauthorized stuff, or sends private info to MS headquarters (Yeah I know MS would never have eny of these problems) Then it will not matter a bit, even if every damn piece of data and code is digitally signed, registered, and pre-authed - it won't matter. In fact it could make things worse as people actually leave their systems less secure - assuming that they are less hackable or that they will know when people copy stuff. BZZZT. God help them, they'll need it.
Here's how it works. The new version of Office comes out, and it's perfectly backward compatable.
But it isn't *forward* compatible.
So all you have to do is get one company that a lot of other companies need to do business with in on the plot and get them to make the switch.
Your Office documents are perfectly readable by them, but everything they send YOU your older version can't read. So if you want to continue to do business with them you have to switch too.
It's a very effective way to force upgrades without giving any overt appearance that that's what you're doing.
They don't lock you out of your documents. They lock you out of everybody else's.
KFG
When counterfeit comes into play the feds are alot more aggressive. MS isn't likely going to circumvent NSA friendly encrytion and the damaging effects of another goverment undertaking fraud during a bull run could cripple the markets for a very long time means somebody is/or will be watching.
I maybe paranoid but I believe pretty much everything sent over the internet has a copy someplace, with software constantly sniffing for profiles, patterns, etc...and comparing it to public data, simply because I would.
Happenstance or a socially engineered blunder is always doable, but a threat to national security and/or a potential charge of treason becomes applicable. Deterrent becomes the best form of prevention as well as seperating a greedy capitalist goat from a real terrorist/threat.
So now we're supposed to waste our time fiddling our thumbs about broken trust and rights "management" crap? This is the same stunt MS pulled by claiming Windows met "Orange Book" (from the NSA Rainbow Series of books) "security" standards. Of course, Access Control Lists don't do much if your OS is full of buffer overflows and similar exploits, and this is ignoring the issue that ACLs don't do much at all and don't do it very well anyway. This seems like an overly expensive way of distracting customers from the real security issues (ha! like that one-month code review jerk-off session really accomplished anything).
I can see only two benefits coming from this. Likely the grants those professors are receiving from MS will trickle down to some poor, hungry grad students who actually deserve it. Also, if the quote above has any relevance to MS's own development plans (but I'm not holding my breath), maybe people forced to use MS software will have to suffer through less feature bloat and mandatory-upgrade new versions.
In the great CONS chain of life, you can either be the CAR or be in the CDR.
Part of the agreement is you upgrade to the new version, before the 'grace period', as your license to use the previous version is revoked.
---- Booth was a patriot ----
Reinstall Most Software
Rape My Self
Repeal Most Sense
Rights Missing Soon
Really Most Stupid
Retarded Man Steve
Rights My asS
Repeat My Sales
Relicense More Stuff
Rent My Software
All of these are freely useable, but only on one computer at a time.
As an evasion of the law, its not much different then paper shredding of documents that shows one guilt.. "paperless office"
---- Booth was a patriot ----
You know I am really sick of all this. I guess I'm in the minority but I spend a ton of money on CDs - mostly SACD...I would say probably $500 so far this year. I want to have the highest resolution sound I can get for the music I like...so downloading mp3s is a waste of my time. What the ****, just buy the music!
is delivered with MS RMS
You scared the HELL out of me with that phrase.
I thought you meant the Microsoft version of Stallman.
but I don't believe in the "black box" form of security. If something is not transparent to me, then I cannot access whether or not it is secure or not (and neither can a third party), and if I was in the business of security, I would not be meeting my legal obligation of "professional due care" simply by buying a black box.
If you consider the above "MS bashing" then I think you have been exposing yourself to too much "MS marketing," 'cause I am just telling you how it is. If that is my personal data you are handling, and you are using the MS "black box" to "protect" it, I will sue you and your organization if that information gets out.
Clear and simple. You are not performing your duty, you are just maintaining a black box on the basis that MS marketing would never lie, and marketing buzz words like "trusted computing" does not change that fact.
Sdelat' Ameriku velikoy Snova!
*Widows* Rights Management Services to be released later this year
Microsoft seems pretty serious about this social rights management thing..
Seeing how DRM has become a negative abbreviation they are trying to move away from it, but realizing that this could happen to whatever acronym they choose the have chosen one that hurts their opponents too
If RMS became the tree letters people associate with taking control away from users and into the hands of the bic corportaions houw would that affect the credibility of free software champion RMS?
- We are the slashdot. Resistance is futile. Prepare to be moderated -
Though I find it amusing that MS is pushing it as a sort of security option instead of as a privacy invading option. "Protect sensitive corporate documents?"
From what? Have I been missing the "sensitive corporate document" section in Kazaa? Can I, without the aid of several illegal tools which I would never never never even THINK about using simply go and download sensitive corporate documents without their permission?
Besides the way corporations have been going I'm not sure that anything that increases their document security is automatically a good idea. I know they're going to screw me, but I'd rather see it coming.
ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
To switch to Linux
There's a growing sense that even if The Future comes,
most of us won't be able to afford it.
-- Lemmy
I also find it interesting that the only person who had evidence of Lay's guilt commited suicide. hmmm can you say murder/cover-up? I believe Kennith hired someone to kill him.
http://saveie6.com/
Here's a good one check out this about CORDS [loc.gov]
" The U.S. Copyright Office Electronic Registration Recordation and Deposit System is the Copyright Office's system for registering claims over the Internet. Through the Internet, copyrighted works become available throughout the world instantaneously. As copying these digital works becomes easier, copyright protection is imperative."
Actually this could be cool, however following it to a illogical conclusion there are loopholes for massive abuse. A media file would have a locatable Digital signature that a filtering router could read. Check against a database for known bootlegs and you got your filter. (hmmm, run it on a linux box and finally get some RIAA/Evil use out of those longhaired geeks)
If no Digital sig is found then implant one and forward the file and new sig so the RIAA can add it to the registry for later review. Cause it could be a new burn of the latest N'Sync song or that one about Fred Durst telling Britney Spears to drop dead. you could plot the movement of files from user/site to user/site and show who gave what to who and when. You end up with a nifty tracking scheme.
This is a classic 'Man in the Middle' attack, one of those things the RIAA/MPAA wanted to do not so long ago.
Opps, You would have a way to hit them back. Say your ISP, the UofWhereEver goes and alters a music file with a fingerprint then they are subverting your property. If the file is legally obtained say self-produced then the original artist (you) will have a very clear case for copyright infringement. They will have created and distributed a reproduction of your recording for 'Commercial Gain' (acting as an agent for a speculative RIAA lawsuit), which is 99.94%, exactly the same as your copyrighted material.
So they have just violated Federal Copyright law by clandestinely adding a digital fingerprint. You can extract this new tag by doing a diff of the file against the orginal. Even a certain lackwitted judge in say Pennsylvania would be able to understand it then.
yes this is a rerun
Sorry about the writing. Robot fingers, you know? Cliff Steele in DOOM PATROL #23
Operating systems perform basic tasks, such as recognizing input from the keyboard, sending output to the display screen, keeping track of files and directories on the disk, and controlling peripheral devices such as disk drives and printers.[webopedia.com]
/. h4x0r w4nn4b3's who are adding fuel to the fire. If you're a corporation and you're really paranoid about your sensitive documents getting into the wrong hands, then maybe you should be more concerned about keeping your networks secure (one way would be by not using Microsoft products) and choosing your employees wisely.
Nowhere in does this mention anything about deciding what programs/documents the user can and cannot open. An OS is desined to give functionality to a computer, not a tool to implement bureaucratic policies and legal restrictions (e.g. the Palladium and other DRM nightmares).
Now, getting back to WRMS (for Stallman's sake I'll call it WRMS from now on). The difference between this and paper shredding is that you now get to keep the documents you're trying to hide. Think of how many Enrons and Arther Andersens still out there now have digital protection! Once again, Microsoft caters to big corporations that invest lots of money into the computer industry and want to see things their way. This does not help the rest of us, and if the Enron scam happens again because of this (and it will), then it will hurt our economy again.
Enter Palladium, just another part of Microsoft's new restrictive practices. I think we should petition Intel against killing its own platform. We've gone very far from the 80's now, and I think if this does not stop it will only get worse. I'm no legal expert, but I see Palladium as a violation of the 4th amendment in the US constitution. Your PC is as much private to you as your house is. Criminals can break into computer just as well as a burglar can crawl through that open window in your back yard when you're not home. However, the police still can't get in without your permission or a warrant. DRM is, by design, used to find illegal material and warezed software then delete it or report it. How is this any different from search and seizure?
Now for those of you who are worried are going to lose your freedoms, just remember who's really at fault here. It is the people who swap thousands of MP3's every day, download warez and illegal keys.. basically those too cheap to actually pay for your software and music. Granted, I don't think it's right for Microsoft to charge 200 bucks for an OS, but that's one of the reasons I'm using Linux. I still don't believe it's right what they're doing, but the blame should really be placed on most of the
Comment removed based on user account deletion
If the file is legally obtained say self-produced then the original artist (you) will have a very clear case for copyright infringement.
A recording is distinct from its underlying musical work. If you self-produced the recording, then who wrote the song? If you claim to have written the song yourself, how do you know you didn't unconsciously copy it from somebody else's copyrighted work?
So they have just violated Federal Copyright law by clandestinely adding a digital fingerprint.
And you have just violated Federal Copyright law by recording somebody else's song.
Will I retire or break 10K?
...about this naming scheme, aka "Rights Management Services".
Regardless of all the digs at Richard M. Stallman, I must ask: since when does another person (or a virtual person in the form of a corporate body) have the right to dictate the framework that my own rights will operate within?
Last time I checked, the only way to abrogate one's rights was to do so voluntarily, and with complete knowledge. Of courrse, this may apply within certain sub-contexts of the overall culture. (ie, work NDA's, etc.)
FWIW, this is not new stuff, it's very reminiscient of the POSIX ACL's and the military's experiments with Multics (also did it in hardware and syscalls) during the '70's. Problem is, at least they started with systems that had some clue to begin with.
C|N>K
Public Key Encryption: depending on the key length, can be brute forced. Key length just makes it longer.
Kerebos: some implimentations were bugged. Do a search.
PGP: 0wN3d.
All your examples have had flaws revealed in them recently. Care to try again explaining the security of your "wide-open" source?
Manipulate the moderator system! Mod someone as "overrated" today.
If someone doesn't care about what I think, they won't read my post. Whether or not I start a post with "I believe" (which I like to qualify some posts with, so that readers don't mistaken me as the "spokesperson for Open Source") has nothing to do with whether or not I expect others to care about what I post. It appears you have made many assumptions about aspects of this world and expect the rest of us to just go along with you (a mirror reflection of your relations with MS, but I digress . . .).
Should I go through the merits of Open Source, as I have done countless of times here and at other forums? If IBM, HP, Dell, Matsushita, Sony, and, even, Sun are able to understand these merits, how could I expect to open the eyes of an individual who STILL doesn't get it?
No, you appear far too lost in your own assumptions to be able to benefit from such an explanation. But I will make a prediction. I give you 3 scenarios of your future:
1. You embrace open source and find yourself catching up with the rest of the world. You learn the difference between security and illusion.
2. You continue to turn your back to open source, until such a time that MS' makes a final effort to create a competing TCO with Open Source by making your position obsolete (some would argue it has already happened).
3. You continue to turn your back to open source, until such a time when ALL organizations require ALL alternatives to be considered. You are terminated for being incompetent.
Pick one soon before one picks you.
Sdelat' Ameriku velikoy Snova!
Yes, technically, MS-Word can save in RTF. However, in practice, you get quite a few warning messages. The first ones will scare non-technical users into saving in MS-Word's latest format. The last few are actually confusing and you have to experiment a few times to find out "Do you want to save your changes?" means "Do you want to overwrite RTF with the lastest MS-Word format?"
Beta is broken and the link to classic doesn't work. Stop wasting our time or there won't be anybody left here.
Right now many are less aware or concerned about the issue of proprietary data formats than they are over OSes. Another key is that MS-Office (for the time being) has even a higher market penetration than MS-Windows.
It extends Microsoft's MS-Windows monopoly by requiring at least one Serer 2003 at each site. It also has the potential to lock out non-Windows or End-of-Life'd MS-Windows distros:
If that wasn't clear enough, it has the potential to lock out competitors and End-of-Life'd MS-Windows distros: Palladium can be used to determine which hardware is allowed access:In short it's about control -- this would give the last bit of control of data away, out of the hands of users / businesses. This is not just a U.S. problem. It is also an issue for non-US companies, governments and agencies. Once 100% control over the data is given away, then both hardware and software budgets are effectively determined by outsiders. Access to data would be controlled by outsiders as well -- who is to say that there isn't a backdoor or that product activation wouldn't be used to "blockade" the data of an agency or competing company.
Beta is broken and the link to classic doesn't work. Stop wasting our time or there won't be anybody left here.