Slashdot Mirror
Security in Ten Years
Schneier has posted a conversation between himself and Marcus Ranum, Chief Security Officer for Tenable Network Security, Inc. looking at where security is headed. "[...] at a meta-level, the problems are going to stay the same. What's shocking and disappointing to me is that our responses to those problems also remain the same, in spite of the obvious fact that they aren't effective."
A lock is something that you use to stop anyone without a key getting access to something.
Encryption is a lock (in the normal sense). DRM is a combination of a "lock" and a key, with the understanding that you probably shouldn't use the key if you've been asked not to. It's a very weak analogy at best, as encryption stores the secret under some technical problem. DRM stores the non-secret under some social problem, with weak technical barriers to uphold the social problem.
Reverse engineering a key is when you construct the key from the lock alone. It's not called reverse engineering if somebody gives you the key and you just copy it. Most of the breaks in DRM systems have been about stepping around the "lock", rather than picking it. IE reading the key from memory with a debugger.
I'd stand by the claim that reading something that someone has freely given to you is a new sort of crime that we didn't have 1000 years ago.
Slashdot: where don knuth is an idiot because he cant grasp the awesome power of php
Those who would give up Essential Liberty to purchase a little Temporary Safety, deserve neither Liberty nor Safety. - Benjamin Franklin, An Historical Review of the Constitution and Government of Pennsylvania. (1759) [source: http://en.wikiquote.org/wiki/Benjamin_Franklin%5D
Sara
Designer, Gamer, Macgrrl in an XP World
That's where my Third comes in: Reading something without the librarian condoning it was a crime in mediaval monastries. You were still allowed to carry it around. And you had to keep it secret that you were able to read in certain circumstances.