Slashdot Mirror


Flash Memory with Copy Protection

Castar writes "Mercury News is reporting that SanDisk has created a new type of flash memory with copy-protection logic built in. From the article: "Today, much of a consumer's digital content is held hostage on a particular kind of device, such as an iPod or a PC, because that is the only way to prevent massive piracy. But with the SanDisk flash memory card, a consumer can move the digital content to another device. If the music company insists the data can only be copied five times, the memory card itself enforces that policy in the new device, be it a cell phone or music player." Rejoice that your data can be "liberated" from the confines of your PC or iPod!"

1 of 365 comments

  1. Re:Whooo by typical · Score: 5, Informative

    I really don't like the increasing complexity of devices that don't need to be complex. Complexity tends to decrease reliability.

    My last motherboard, an ASUS, had an in-BIOS MP3 player. That qualifies as "unnecessary, reliability-decreasing feature", in my opinion.

    As for the latest sky-is-falling-on-copyright-infringement alarmist crap from Slashdot, pay no heed. This whole thing is a lot of horseshit that companies are using to extract money from the publishing industry. Many, many companies try to do this. If you make a commodity device (Flash storage, for instance), you're desperate to do *something* to make more money on it.

    So, let's take a look at what this system is probably going to do.

    Assume that the engineers *really* knew what they were doing and made *no* errors (and that security in hardware is pretty hard to do and there isn't much of a culture of that in the hardware world).

    It's a pretty good bet that if properly designed (*not* necessarily the case), each device has some sort of embedded public-private keypair. They use this to transfer symmetric keypairs to do bulk data transfer between each other.

    This means:

    * Everything is on one IC, and there is no inter-IC bus involved. Tapping busses between ICs within a DRM-using device is a good way to break the protection. bunny broke the X-Box by using the fact that not everything is on one IC. Probably reasonable for the Flash world, where this is already the case.

    * The hardware's pseudorandom number generators (that symmetric key has to come from somewhere) are secure. An attacker can twiddle power to screw up PRNGs...maybe zero them, induce current, screw with the power lines at just the right frequency, whatever. This is not trivial to avoid.

    * There are *no* diagnostic interfaces left in the hardware. Trying to make every hardware engineer lose their diagnostics in the release product is like trying to convince a fish to jump out of water and stamp around on land for a bit.

    * The crypto algorithm involved doesn't get broken (once it is in lots of products, you are irrevocably committed).

    Remember that this is a system that relies on *zero* breaks. Maybe the manufacturer can have an "update key" and release new protected content with hidden "updates" to invalidate existing compromised keys, but this takes a while to propagate around the system. Once such a system is released, the manufacturer is gambling that not a single person, in any lab, with microscopes and the works, anywhere, can break the thing. Once it gets broken, that person can distribute all the protected content (and possibly even create a "modification" to disable the protection on other devices, if the break involves the compromise of a key). The math is *wildly* against the publishing world here. It's a safe assumption that the publishing world will make dire legal penalties, heavily watermark content (and probably tag with the IDs of devices that it passes through) to try to track down any such break, but it's still a seriously long-shot gamble for them -- and a break is likely to happen after they are widely deployed and are committed to the scheme, as happened with DVDs.

    And remember that nobody gives a damn about simple data transfer. That data has to go somewhere -- the Flash drive. So now every device that *consumes* this data (sound cards, video cards, etc) has to also be similarly secure, and not have any breaks. That is a *huge* undertaking. If one consumer is Windows running under Palladium (e.g. a trusted software MP3 player), then you have to secure a vast software system, as well as much of the hardware in a computer system, against any breaks. That means *Windows local kernel security must be airtight*. Every bluescreen you see is a violation of that! Even better, you can't use a single good prepackaged solution, because then you run into the bus-attacks-across-multiple-ICs problem -- every single device needs a custom chip, and that chip has to perform *all* the t

    --
    Any program relying on (nontrivial) preemptive multithreading will be buggy.
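
The comment above lists a working random source as one of the assumptions such a device depends on, since the symmetric key has to come from somewhere. As an added illustration (not code from the comment or from any vendor), this sketch gates session-key generation on a repetition count health test in the style of NIST SP 800-90B, so a source stuck at one value is refused before a key is made. The source callables, the 16-byte key size and the 8 bits-per-byte entropy figure are assumptions.

```python
import math

class StuckSourceError(Exception):
    """Raised when the random source fails the repetition count test."""

def rct_cutoff(h_per_sample: float, alpha_exp: int = 20) -> int:
    # SP 800-90B repetition count test: C = 1 + ceil(-log2(alpha) / H),
    # with false-positive rate alpha = 2**-alpha_exp and H = assessed
    # min-entropy per sample. H = 8 bits per byte is an assumption here;
    # real hardware sources are usually assessed lower, which raises C.
    return 1 + math.ceil(alpha_exp / h_per_sample)

def checked_bytes(source, n: int, h_per_sample: float = 8.0) -> bytes:
    """Read n bytes from source(k); fail if one value repeats C times in a row."""
    cutoff = rct_cutoff(h_per_sample)
    out = bytearray()
    last, run = None, 0
    while len(out) < n:
        chunk = source(n - len(out))
        if not chunk:
            raise StuckSourceError("source returned no data")
        for b in chunk:
            run = run + 1 if b == last else 1
            last = b
            if run >= cutoff:
                raise StuckSourceError(f"value {b:#04x} repeated {run} times")
            out.append(b)
    return bytes(out)

def new_session_key(source) -> bytes:
    # Hypothetical device routine: never emit a key from unchecked output.
    # Passing the test does not prove the output is random; it only
    # catches a source that has collapsed to a constant.
    return checked_bytes(source, 16)

def glitched_source(k: int) -> bytes:
    # Constructed stand-in for a generator whose output has been zeroed.
    return bytes(k)

if __name__ == "__main__":
    import os
    print("healthy key:", new_session_key(os.urandom).hex())
    try:
        new_session_key(glitched_source)
    except StuckSourceError as e:
        print("refused to generate key:", e)
```
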