Exactly, so why bother putting so much time, effort and money into such a system when a) it will have flaws and exploitable points and b) you could just fake up some birth certificates instead?
Yup. Because my entire argument about the "massive security apparatus of the state" was completely based on just the thread of a handful of bad neighbors. No way that could possibly be just one example. You totally showed me up. Kudos to you, sir.
Right, but maybe I'm wrong on this, but isn't they key only used for the signature. My impression is that all the data can be read off it, it's just that you can't verify that it was signed by the country that it says it was signed by. In this instance, it would be indistinguishable from all other passports from outside of the current 45 country list.
The reason I questioned whether it's still the same difficulty as paper forgery is that passport control only has so long they're going to spend on each passport. If some of the time that used to be spent checking over the paper is now spent going over the electronic data, that makes it easier to do the paper part.
But I completely agree with what you said in the last paragraph. Once again it's all security theater that is built on a house of cards. All you snag are the dumb criminals. Maybe that's worth it, but I tend to default to thinking it doesn't.
While responding to this thread I went back and read over some of the 9/11 stuff. Apparently, their passports had stamps from countries like Afghanistan that would have cause red flags to be raised at passport control. Their solution? Report their passports stolen, get new ones and artificially "weather" them and fake a few stamps from non-threatening middle-eastern countries. Once again, it's all security theater.
I'm not sure what all that had to do with my post (which you were replying to, after all). In fact, my point was exactly that - the state won't protect us from everything. But showing that it doesn't protect us from some thing doesn't also logically prove that the state cannot protect us from anything (which was what the post I replied to was positing).
Good call. I was basing this on the stories after 9/11 of how (still living) people came forward with details matching those listed in the published list of hijackers. But researching it now seems to show that all those questions have been accounted for as well as can possibly expected.
I wouldn't say most would be considered "white", unless you're just dividing people into "black" and "white." Most are clearly of a heritage other than European.
Aside - dear lord, the 9/11 truthers have made it pretty damn difficult to google anything 9/11 related and get anything other than crazy conspiracy theories.
And what, you rig the room with some dynamite to be triggered so that no one has physical access to the machine so they can haul it out when it does break?
Yeah, you could do that, and you could come out with a great plan from A to Z that covers every step. But there will be people involved, and that's my entire point. Each one of those people is someone that could be bribed/compromised.
Correction: the state cannot protect us from everything.
That doesn't mean it's not protecting us from plenty of other stuff, just by the mere existence. Just to name one example, I'm pretty sure my neighbor would have offed me by this point if it wasn't for the fact that the state would punish him.
They already have a public key database system. It's just that they've barely gotten many countries to sign onto it. This isn't surprising, if you've ever had to deal with a bureaucracy.
The big problem is that these electronic measures will inevitably lead to more trust being placed in the electronic component. Passport control only has so much time to spend on each person passing through the huge lines at the airport. As someone who has went through these lines before, I can definitely confirm that sometimes there is only cursory scrutiny given to a passport. Maybe that's because I'm white and have an American passport. But even at those other checkpoints, I find it hard to believe that they'd keep up their current level of scrutiny AND add electronic checking. History suggests that the electronic checking will be used as a crutch.
And if you read my previous post on the subject, the key checking doesn't work like you think it does. It's not a toggle, it's a database of keys provided by each country issuing passports. And not all countries are providing such keys.
Reading the article, it's not as simple as that. There's not just an authentication system that can be toggled on an off. Each country has their own public key, which they can decide to share with other countries. Right now, 45 countries manually share keys. Then of them have signed up to an automated public key database. Only five of them are using it right now. So if you come from a country other than those 45, your passport never gets authenticated anyway. Bureaucracy being what it is, who knows when those numbers will grow much larger.
Also, think about the potential for corruption. All you'd need is someone in the government who you could bribe to give you the private key. Think Pakistan, India, Romania, etc. Then you've actually got an authenticated passport that lulls the passport checker into a false sense of security. They think they've got added security when actually they don't.
You definitely have some good points, and a lot of this kind of thing is something you "think" and not necessarily something you can "prove." But I do have a few comments. First, the content owners would be smart to do torrenting in ADDITION to having an iTunes-style website/application. Basically, use ALL the channels, not just a specific one. Second, a lot of people don't use iTunes because they don't like the restrictions and limitations on it or the price. I have never bought a single song from iTunes for exactly that reason. iTunes starting to release drm-free tracks shows that there must be a market for this. However, the $1.30/song price tag is still gonna bite.
Another major point is that iTunes is not a content owner. They sell other people's stuff. If EMI/BMG/Universal wanted to, they could set up shop and pull their catalog off of iTunes. A major thing that has stopped them from doing this in the past is that they've been hung up on the DRM issue. But once you get that out of the way, creating an online music is a LOT easier. There were plenty other music catalog websites that were out before iTunes that only lacked a "buy" button. Allmusic.com was around for at least five years before the iPod was ever created. The only thing that made iTunes a better platform was that they actually got contracts to SELL the music, not the user interface that they created (which, actually, is rather crappy in my opinion). And they got the contracts because of their DRM, and now we've come back to the beginning again.
They're not "free" tracks. They are the content, which you then get a key to unlock. It's a distribution system.
I 100% admit and embrace that you wouldn't have any control over the licensed copy. That's the point. All the control that is built into DRM is the reason why it's not as widely successful as it could be. And "easily be clipped off in a movie production app" is meaningless to the large majority of consumers. I emailed someone a PNG and they couldn't figure out how to open it. My friend, a professional civil engineer, can't figure out which keyboard he should buy.
And as far as whether you would use the system, it really does not matter. There are a certain amount of people who are never going to pay. And piracy will always exist to get perfect copies to those people. Right now the various content owners are obsessed with that number. But those people really don't matter any more than people who check out books from the library should bother book publishers.
Think about it. Right now there are X number of people pirating content and Y number of people legitimately purchasing it. Since pirating is illegal, X is very limited in how it can grow. It will always take a bit more ability to use a computer, and you always run the risk of getting busted. But Y can be doubled, tripled, etc. because Y can be supported in the full light of day. Don't focus on X, focus on Y.
I think maybe you missed a point. The imprint on the MP3s is only there on the un-activated version. Once you take that off, it simply puts something in the TAGs that says its owned by you. If you really want to, you can edit the tags. Only video files would get a short (few seconds) screen at the beginning and end of the movie that says "owned by So-and-so". There's no actual "DRM" involved in the conventional sense.
Who said anything about eliminating piracy? As I said many times before, that's foolish. What you want to do is make money off of content. The point of the imprinted version is just so you can get the file in an easy way (like an RSS feed to a bittorrent search) and then quickly activate it. As I said more than once, depending on the codec, you might not be able to have a playable imprinted version. In that case, you just get a scrambled one that can easily be activated.
Nothing whatsoever. The entire point is that thwarting anything other than casual copying is a mug's game. BTW, the files would already be mp3s, mpgs, divxs, etc. You wouldn't need to re-encode them (though you might for removing the beginning/end banners on the video, depending on the codec).
The goal is to make the legit copy always available and always at least as fast and probably faster than getting the pirate one. And cheap enough so that people who would pay can easily do that. Look at how much business iTunes gets even though you can already get the same thing in a much less crappy locked-in version for free on the torrents.
Rights holders would create copies of their movies/music/etc. using a standard program that "imprints" it with a demo indicator. For video, this would mean a message appearing at the start, end and in the middle of the screen every 20 minutes or so saying this was an unlicensed copy and to license it, go to this website. For music, it would take the form of an audio announcement along the same lines at the beginning, middle, and end of the song.
When you go to that website, you can download an app for your particular platform. The app would be fairly simple, so there's really no excuse for not supporting Windows, Mac, Linux, and maybe even BSD. This app is like iTunes Music Store in that it lets you whip out a credit card and pay money for the music/movie. It then downloads from the server the diff that would take those announcement bits out and replace them with the normal audio/video. It also tack on to the beginning and end of any video the purchaser's name, with a short (less than 5 second) screen saying that the following movie was the licensed property of (purchaser's name). For audio files, it would probably be best just to have that put in the tags. Hopefully some place it would be obvious on playback/browsing.
And that's it. No more DRM. No phoning home, no device lock in for the stuff you already purchased. Just a simple screen to prevent casual copying (who wants to give other people stuff with their name and maybe city/state on it). The knowledgeable crowd will know how to fix that, but there's no point in trying to stop them, anyway. They'll always figure out a way around and you can save yourself millions of dollars in creating elaborate DRM schemes and lost sales because people don't like elaborate DRM schemes.
You charge VERY low rates for these files. We're talking 10 cents - 50 cents a song and around $1-$2 a movie. You make up for the price in volume, especially on the movies because now you can really give the movie rental places a run for their money. You not only stop trying to squash bittorrent, you embrace it. You get your imprinted copies on every decent tracker and you help seed them. You make it as easy to download your imprinted copy as it is to get a pirate one.
If you've got the money for development/bandwidth, you can also create your own iTunes-like store where they can directly download from you. But you keep putting it on the torrent sites, too, because this is all about making paying for content as close to as easy as not paying for it and only slightly more expensive. If you're a smaller player, you team up and do package deals. This would narrow down the number of sites that have activation apps that you'd have to download. I figure each of the big music labels would want to do their own (BMG, Universal, etc.) and then you'd get indie collectives.
The payment method could also be abstracted so that you never give your financial information directly to the companies but only get sent through other payment systems like paypal, Amazon, etc. Heck, maybe even the activation apps could come from these "trusted" third parties. The content owners could keep them in line (keep them from trying to take a big piece of the pie) due to the competition between payment systems.
The companies could keep a record of the media you own, so that you could get a new copy activated if your old one got deleted. This would be low traffic on their site if they want because you can get the imprinted media from a torrent.
Note: If doing the diff thing is too difficult (because of the way various codecs work), you can also just create a file where you take out 10% of the information required to play it, basically in a worm-like fashion throughout the file. Enough to swiss cheese it. And you include a standard bit at the beginning of the file that tells you how to "activate" it. Basically like the above but without the free preview.
So, any thoughts? Crazy enough to work? Content sellers just keep trying to build a
I don't really expect to see any of these things. I've done some shopping today and see that you can ALREADY buy replacements for tail lights that screw into the same socket as the incandescent bulbs for far cheaper than your projected expected $1000+. Doing some very cursory googling, I see you can get a pair of really nice looking truck ones for $300. So that's $150 per tail light. You can also put "LED tail lights" into amazon and find plenty for $20-$50 a pair. That's the entire light, not just a single bulb.
The only place I can see it costing significantly more is for luxury cars like BMW/Lexus/etc. And that's only because everything always cost a premium on those cars.
Your expectations of home builders seem equally implausible. Do you even realize how often the home builder themselves would accidentally break the lights? They're not going to buy products that cost them $1000 when someone slips up and hits the bulb with a hammer. Equally unlikely is the success of any light fixture with a non-replaceable bulb sold directly to consumers. One of the first things they'll notice is that they can't replace the bulb. They'll either not buy it in the first place, or take it back and get a refund.
All in all, I just find your expectations to conflict with what I know of reality.
Slashdot Mirror
Any information there yet on the slashdot "signed" tag meme?
Exactly, so why bother putting so much time, effort and money into such a system when a) it will have flaws and exploitable points and b) you could just fake up some birth certificates instead?
Yup. Because my entire argument about the "massive security apparatus of the state" was completely based on just the thread of a handful of bad neighbors. No way that could possibly be just one example. You totally showed me up. Kudos to you, sir.
Right, but maybe I'm wrong on this, but isn't they key only used for the signature. My impression is that all the data can be read off it, it's just that you can't verify that it was signed by the country that it says it was signed by. In this instance, it would be indistinguishable from all other passports from outside of the current 45 country list.
The reason I questioned whether it's still the same difficulty as paper forgery is that passport control only has so long they're going to spend on each passport. If some of the time that used to be spent checking over the paper is now spent going over the electronic data, that makes it easier to do the paper part.
But I completely agree with what you said in the last paragraph. Once again it's all security theater that is built on a house of cards. All you snag are the dumb criminals. Maybe that's worth it, but I tend to default to thinking it doesn't.
While responding to this thread I went back and read over some of the 9/11 stuff. Apparently, their passports had stamps from countries like Afghanistan that would have cause red flags to be raised at passport control. Their solution? Report their passports stolen, get new ones and artificially "weather" them and fake a few stamps from non-threatening middle-eastern countries. Once again, it's all security theater.
I'm not sure what all that had to do with my post (which you were replying to, after all). In fact, my point was exactly that - the state won't protect us from everything. But showing that it doesn't protect us from some thing doesn't also logically prove that the state cannot protect us from anything (which was what the post I replied to was positing).
I would guess that consequences of the State is the reason some people don't kill their neighbors.
I'm not really worried about all the rest of my neighbors, just that one nut.
Good call. I was basing this on the stories after 9/11 of how (still living) people came forward with details matching those listed in the published list of hijackers. But researching it now seems to show that all those questions have been accounted for as well as can possibly expected.
As far as the "white" question, here are the photos:
http://en.wikipedia.org/wiki/Organizers_of_the_September_11%2C_2001_attacks
I wouldn't say most would be considered "white", unless you're just dividing people into "black" and "white." Most are clearly of a heritage other than European.
Aside - dear lord, the 9/11 truthers have made it pretty damn difficult to google anything 9/11 related and get anything other than crazy conspiracy theories.
And what, you rig the room with some dynamite to be triggered so that no one has physical access to the machine so they can haul it out when it does break?
Yeah, you could do that, and you could come out with a great plan from A to Z that covers every step. But there will be people involved, and that's my entire point. Each one of those people is someone that could be bribed/compromised.
From what I've gathered, the 9/11 bombers had authentic passports, they just weren't necessarily THEIR passports.
Correction: the state cannot protect us from everything.
That doesn't mean it's not protecting us from plenty of other stuff, just by the mere existence. Just to name one example, I'm pretty sure my neighbor would have offed me by this point if it wasn't for the fact that the state would punish him.
They already have a public key database system. It's just that they've barely gotten many countries to sign onto it. This isn't surprising, if you've ever had to deal with a bureaucracy.
Better hope that machine never breaks, what with no one having access to it and no backups ever being made.
The big problem is that these electronic measures will inevitably lead to more trust being placed in the electronic component. Passport control only has so much time to spend on each person passing through the huge lines at the airport. As someone who has went through these lines before, I can definitely confirm that sometimes there is only cursory scrutiny given to a passport. Maybe that's because I'm white and have an American passport. But even at those other checkpoints, I find it hard to believe that they'd keep up their current level of scrutiny AND add electronic checking. History suggests that the electronic checking will be used as a crutch.
And if you read my previous post on the subject, the key checking doesn't work like you think it does. It's not a toggle, it's a database of keys provided by each country issuing passports. And not all countries are providing such keys.
Reading the article, it's not as simple as that. There's not just an authentication system that can be toggled on an off. Each country has their own public key, which they can decide to share with other countries. Right now, 45 countries manually share keys. Then of them have signed up to an automated public key database. Only five of them are using it right now. So if you come from a country other than those 45, your passport never gets authenticated anyway. Bureaucracy being what it is, who knows when those numbers will grow much larger.
Also, think about the potential for corruption. All you'd need is someone in the government who you could bribe to give you the private key. Think Pakistan, India, Romania, etc. Then you've actually got an authenticated passport that lulls the passport checker into a false sense of security. They think they've got added security when actually they don't.
You definitely have some good points, and a lot of this kind of thing is something you "think" and not necessarily something you can "prove." But I do have a few comments. First, the content owners would be smart to do torrenting in ADDITION to having an iTunes-style website/application. Basically, use ALL the channels, not just a specific one. Second, a lot of people don't use iTunes because they don't like the restrictions and limitations on it or the price. I have never bought a single song from iTunes for exactly that reason. iTunes starting to release drm-free tracks shows that there must be a market for this. However, the $1.30/song price tag is still gonna bite.
Another major point is that iTunes is not a content owner. They sell other people's stuff. If EMI/BMG/Universal wanted to, they could set up shop and pull their catalog off of iTunes. A major thing that has stopped them from doing this in the past is that they've been hung up on the DRM issue. But once you get that out of the way, creating an online music is a LOT easier. There were plenty other music catalog websites that were out before iTunes that only lacked a "buy" button. Allmusic.com was around for at least five years before the iPod was ever created. The only thing that made iTunes a better platform was that they actually got contracts to SELL the music, not the user interface that they created (which, actually, is rather crappy in my opinion). And they got the contracts because of their DRM, and now we've come back to the beginning again.
They're not "free" tracks. They are the content, which you then get a key to unlock. It's a distribution system.
I 100% admit and embrace that you wouldn't have any control over the licensed copy. That's the point. All the control that is built into DRM is the reason why it's not as widely successful as it could be. And "easily be clipped off in a movie production app" is meaningless to the large majority of consumers. I emailed someone a PNG and they couldn't figure out how to open it. My friend, a professional civil engineer, can't figure out which keyboard he should buy.
And as far as whether you would use the system, it really does not matter. There are a certain amount of people who are never going to pay. And piracy will always exist to get perfect copies to those people. Right now the various content owners are obsessed with that number. But those people really don't matter any more than people who check out books from the library should bother book publishers.
Think about it. Right now there are X number of people pirating content and Y number of people legitimately purchasing it. Since pirating is illegal, X is very limited in how it can grow. It will always take a bit more ability to use a computer, and you always run the risk of getting busted. But Y can be doubled, tripled, etc. because Y can be supported in the full light of day. Don't focus on X, focus on Y.
I think maybe you missed a point. The imprint on the MP3s is only there on the un-activated version. Once you take that off, it simply puts something in the TAGs that says its owned by you. If you really want to, you can edit the tags. Only video files would get a short (few seconds) screen at the beginning and end of the movie that says "owned by So-and-so". There's no actual "DRM" involved in the conventional sense.
Who said anything about eliminating piracy? As I said many times before, that's foolish. What you want to do is make money off of content. The point of the imprinted version is just so you can get the file in an easy way (like an RSS feed to a bittorrent search) and then quickly activate it. As I said more than once, depending on the codec, you might not be able to have a playable imprinted version. In that case, you just get a scrambled one that can easily be activated.
Nothing whatsoever. The entire point is that thwarting anything other than casual copying is a mug's game. BTW, the files would already be mp3s, mpgs, divxs, etc. You wouldn't need to re-encode them (though you might for removing the beginning/end banners on the video, depending on the codec).
The goal is to make the legit copy always available and always at least as fast and probably faster than getting the pirate one. And cheap enough so that people who would pay can easily do that. Look at how much business iTunes gets even though you can already get the same thing in a much less crappy locked-in version for free on the torrents.
...would be:
Rights holders would create copies of their movies/music/etc. using a standard program that "imprints" it with a demo indicator. For video, this would mean a message appearing at the start, end and in the middle of the screen every 20 minutes or so saying this was an unlicensed copy and to license it, go to this website. For music, it would take the form of an audio announcement along the same lines at the beginning, middle, and end of the song.
When you go to that website, you can download an app for your particular platform. The app would be fairly simple, so there's really no excuse for not supporting Windows, Mac, Linux, and maybe even BSD. This app is like iTunes Music Store in that it lets you whip out a credit card and pay money for the music/movie. It then downloads from the server the diff that would take those announcement bits out and replace them with the normal audio/video. It also tack on to the beginning and end of any video the purchaser's name, with a short (less than 5 second) screen saying that the following movie was the licensed property of (purchaser's name). For audio files, it would probably be best just to have that put in the tags. Hopefully some place it would be obvious on playback/browsing.
And that's it. No more DRM. No phoning home, no device lock in for the stuff you already purchased. Just a simple screen to prevent casual copying (who wants to give other people stuff with their name and maybe city/state on it). The knowledgeable crowd will know how to fix that, but there's no point in trying to stop them, anyway. They'll always figure out a way around and you can save yourself millions of dollars in creating elaborate DRM schemes and lost sales because people don't like elaborate DRM schemes.
You charge VERY low rates for these files. We're talking 10 cents - 50 cents a song and around $1-$2 a movie. You make up for the price in volume, especially on the movies because now you can really give the movie rental places a run for their money. You not only stop trying to squash bittorrent, you embrace it. You get your imprinted copies on every decent tracker and you help seed them. You make it as easy to download your imprinted copy as it is to get a pirate one.
If you've got the money for development/bandwidth, you can also create your own iTunes-like store where they can directly download from you. But you keep putting it on the torrent sites, too, because this is all about making paying for content as close to as easy as not paying for it and only slightly more expensive. If you're a smaller player, you team up and do package deals. This would narrow down the number of sites that have activation apps that you'd have to download. I figure each of the big music labels would want to do their own (BMG, Universal, etc.) and then you'd get indie collectives.
The payment method could also be abstracted so that you never give your financial information directly to the companies but only get sent through other payment systems like paypal, Amazon, etc. Heck, maybe even the activation apps could come from these "trusted" third parties. The content owners could keep them in line (keep them from trying to take a big piece of the pie) due to the competition between payment systems.
The companies could keep a record of the media you own, so that you could get a new copy activated if your old one got deleted. This would be low traffic on their site if they want because you can get the imprinted media from a torrent.
Note: If doing the diff thing is too difficult (because of the way various codecs work), you can also just create a file where you take out 10% of the information required to play it, basically in a worm-like fashion throughout the file. Enough to swiss cheese it. And you include a standard bit at the beginning of the file that tells you how to "activate" it. Basically like the above but without the free preview.
So, any thoughts? Crazy enough to work? Content sellers just keep trying to build a
The OP was being sarcastic in the first paragraph.
I hope.
The most unbelievable one I've ever personally run into was this one. Would have been much better if he'd went into urology, though.
I don't really expect to see any of these things. I've done some shopping today and see that you can ALREADY buy replacements for tail lights that screw into the same socket as the incandescent bulbs for far cheaper than your projected expected $1000+. Doing some very cursory googling, I see you can get a pair of really nice looking truck ones for $300. So that's $150 per tail light. You can also put "LED tail lights" into amazon and find plenty for $20-$50 a pair. That's the entire light, not just a single bulb.
The only place I can see it costing significantly more is for luxury cars like BMW/Lexus/etc. And that's only because everything always cost a premium on those cars.
Your expectations of home builders seem equally implausible. Do you even realize how often the home builder themselves would accidentally break the lights? They're not going to buy products that cost them $1000 when someone slips up and hits the bulb with a hammer. Equally unlikely is the success of any light fixture with a non-replaceable bulb sold directly to consumers. One of the first things they'll notice is that they can't replace the bulb. They'll either not buy it in the first place, or take it back and get a refund.
All in all, I just find your expectations to conflict with what I know of reality.
I demand to know why this story isn't tagged "ninetimes"!