AES-256 is "harder" than 3DES, and 3DES has yet to be cracked. The AES-256 is going on the chip.
Give cracking it a try.
Yes, Linux is used in the set-top boxes (Scientific Atlanta comes to mind). Try loading an alternate OS on these boxes. Done "properly" its impossible (or close to).
The easiest scheme is to have an MD-5 hash of the software load, and refuse to load anything else.
Now, you are thinking "the load will have the key". It may... or the key is in the box. Usually, the key will be wrapped by another AES-256 layer, that the loader knows NOTHING about. FIPS-140 stuff...
Now, the system WON'T be entirely secure -- you could always resort to chip-scraping, or thermals, etc. to break the key. As to the "Hardware to incorporate the technology to decrypt at 30 fps, full screen". Lets see -- using a Xilinx FPGA, I can decrypt AES-256 at a rate of ~500 Mbps. About 10x what is needed. Custom logic? why not. Costs less...
Note that the Linux NEVER KNOWS THE MEANING OF THE DATA. It just shoves it to the monitor. Which already has expensive glass parts, etc. The cost of an additional chip in the monitor is even more easily absorbed.
FOSS DRM? Sure, why not. The job of the FOSS DRM software will be to mediate keys, and establish a trust relationship. IT IS NOT GOING TO DECODE THE DATA.
- The quality of the FILTERED output will be DVD level. Which is at or beyond consumer expectation.
- New gear will have HD option, and as people upgrade, they will get 10x better than DVD quality.
- You can STILL record at DVD quality, just not HD (and HD does take 10x)
- As monitors are upgraded, the content will be ready.
- Anyone can WATCH "protected HD content" -- at DVD quality. Which happens to be good enough for 40"+ screens.
- We are talking about 1080 line resolution; very few people run monitors at these resolutions (1920x1080). The DVD quality will be perfectly acceptable (1280x480 - with a bit of twigging)
Because if they DON'T, they will not be able to play the content at all.
(more technically, if Apple doesn't implement signal decimation filtering on un-encrypted outputs, they won't be given the keys to display the content AT ALL).
I used to manage at ATI. And *I* don't use closed source drivers. So, I don't have 3D acceleration. So sad. I do not consider it a loss; it's the price of a stable system
I will not use a proprietary driver from anyone. The only "proprietary" part may be firmware load for the card.
The biggest marketing 180 ever done -- Apple goes from CRAP hardware to PREMIUM hardware.
The company that was too cheap to put interrupts and DMA in their systems, and then had the gall to brag about it.
The company that delights in sealed up cases, and consumer lock-in, on really bad hardware (I have purchased "Macs" with unshielded SCSI cables straight from Apple -- and of COURSE they didn't work).
The company that abandons users (hey, I was dumb enough to buy a Newton).
So sure, let the "fanbois" and "fangrrls" have at it.
The last time I had an MSDN subscription was 1996/97.
I was working as an indepedent contractor, on Windows drivers.
The subscription ran me 3 or 4 large a year (but did include 10 float licenses for all MS OSs, and full international versions of same - call it 200 CDs a year. Give or take).
Now, I assume (please correct me), that $99 doesn't get you all the CDs; that you have to download material you are interested in (so it would be useless to internationalization efforts, stuff like that).
But it provides access to all those OSs and versions?
The reason I question this, is that the retail XP goes for 1 to 2 hundred around here. 10 licenses (floatable to different hardware) would then be 2 large, and having access to 20 or 30 (whatever) variants...
It would make MSDN a better deal than buying the OS!
"It is curious to me to see the frequency that the Linux/Unix enthusiasts complain about the lack of robust/commercial offerings of Linux hosted/compatible systems in various areas compared to those that are Windows hosted/compatible."
Back in the day, I used to license software (I also wrote it, and the manuals, and supported it).
The software would sell for $1200 to $35,000 per copy.
I had a LIST of EVERY customer, and the status. The software was licensed, not sold. Yes, I *would* fly out to customer sites to assist them with problems. Access to this service, and the ability to reach a person 24/7 cost an additional amount every year ($800).
Now, if someone calls with a problem and they are NOT on the list? (which means, not properly transferred?) Read the fine print.
And why did I do this? Because I had been ripped off before. Big time. And, really, I don't like spending big bucks on lawyers.
PS. I would go after the company that supplied the copy AND the company using it. Both get hit. The company using? That would be: Please remit cost of item, and we'll consider it square.
The comapny supplying? Audit now, and make me happy, or I *will* sue.
Imagine that you "borrowed" some tools from your local mechanic. Would she be happy? How would you avoid criminal prossecution? Or a *least* a lawsuit.
Standards are reviewed every 5 years, and if it isn't championed, its withdrawn.
Given that the "PC-BIOS" du-jour semi-standard won out, IEEE 1275 was withdrawn.
However, lets review what we lost:
IEEE 1275 defined a VM for hardware. ROM code for devices would be written in ANSI FORTH, and compiled to byte codes. Different processors could efficiently interpret those byte-codes to run low-level functions.
Basic drivers in ROM, in machine-independent format. (use the same ROM for PPC, Intel, SPARC, etc.). For instance, a basic "frame buffer" style driver for video could be included, which means "instant-on" gratification for installing a video card. You may need to add a driver later to take advantage of "whiz-bang" 3D or something. [PS My Linux box, *never* uses BIOS after boot, except for "SMM" -- which is another discussion).
Ability to put patches in nvram, again, in FORTH (want to support a new 15 button mouse, that needs a twig to go into 15 button mode? Easy, just put a bit of code into nvram).
Since it makes sense to actually USE the console (because display and keyboard drivers are available), it is EASY to support terminals via serial port (or why not a basic network stack). Indeed network boot using TFTP, in a straight-forward way, using "built-in" network drivers is a standard feature.
Your "typical" SUN box has ALL of this. The "PC" industry just didn't bother.
Instead, Intel has come up with "PXE" which is sort of network boot (will boot from TFTP), but is limited (naturally) to Intel processors.
Go figure -- the problems have been solved, the solution ignored, and now we are starting again...
Well, golly, its nice Microsoft has this patent and all...
But, again, they can't defend it.
Vioations: any image 19x19 or otherwise, is converted to characters when being transferred by email. And, the character sequence representing an icon (avatar) has been with us since FACES graced our email. The fact that MS doesn't render FACES is... well, not relevant.
The next step -- which is replacing a long sequence by a shorter sequence to be filled in by the receiver -- in a nutshell, that is gzip compression. And using pre-computed huffman tables has been with us forever as well.
The LAST step -- which is to tie this all to "emoticons" used for IM. If you can send pictures via IM (which is NOT something being patented here)... the emoticon is simply an interpretation of the picture.
Again, I am really happy for Microsoft for getting this patent, but don't sweat it -- they can't (and won't) defend it. May use it to threaten someone, though.
The crypto on DVDs was cracked through a key leak.
And, this is the probably the only way that this (and future) content can be effectively attacked.
So far, even 3DES is safe (no one has yet cracked a Video Cipher II, to my knowledge). AES is faster and safer.
The key exchange is the only weak link in the system.
Have at it! But, I will give you a clue -- since the "DVD Jon" incident, the systems are being reviewed for that vulnerability. I really don't think that accidental OEM key leakage can be exploited the next time.
If there is an analog output, the signal will be degraded.
So, if you CAN capture it, it will be a "low-res" signal.
If there is a digital output, and the digital output is un-encrypted, it will be degraded.
So, if you CAN capture it, it will be a "low-res" signal.
If there is a digital output *and* the digital output is encrypted, it will be full-resolution.
At no time will the full-resolution digital signal be exposed in non-encrypted form.
However, the "low-res" signal will be equal in quality to a "digital standard TV", which is the quality you can get from DVDs now. Because this is the current consumer expectation (actually, a bit more than the expectation), there won't be a backlash.
But, high quality content will look REALLY good, and the people who can afford it will be in for a treat.
When systems are replaced, they will have the DRM, and at some point all control will be in the hands of the content producers.
What is needed is a driver to have people replace their computers. Adding resource requirements can speed this up -- figure two years for the early adopters, and ten for the trailing edge.
And, its done. (how many people run computer kit from 1995 now?)
You have fallen into the most brilliant marketing ploy!
A ratified standard is exactly that. We have standards organizations to ensure that standards are adhered to: ISO, IEEE, ANSI, etc.
If is ISN'T ratified under a standards organization, it isn't a standard.
So, SPARC v8 *is* a standard, IA-32 isn't.
Indeed, IA-32 is WHATEVER Intel claims it to be (or whoever owns the trademark).
Sure, it's stable enough to be a "de-facto" standard, and there are competing companies (AMD, etc.), but that STILL doesn't make it a standard.
Intel could make it a standard, by turning it over to a standards body (like SUN did). Of course, that didn't help SUN much (which is probably one reason why they are reticent about turning over JAVA).
If IA-32 were a standard, it would be possible to argue restraint of trade (selling a compiler that generates standards compliant code, and yet differentiates different standards implementations). SUN offers a compiler; and it DOESN'T differentiate (for that reason).
But IA-32 is not a standard, so there is no body that can determine what a valid compiler implementation can differentiate on. Intel is in the right here; they are producing a compiler that optimizes for Intel chips. Not third party, supposedly "plug compatible", "software compatible" or whatever devices.
And I, for one, will NEVER give the title "Standards Body" to Intel, or Adobe.
Postscript(tm) is also a "de-facto" standard. Perhaps you are looking for ISO 10180? [Although, ironically, due to the power of de-facto, the standard is only available on paper, or as a "pdf").
Deliver outstanding performance by optimizing your applications for Intel® processors. This package includes Intel® C++ Compiler for eMbedded Visual C++*.
Slashdot Mirror
AES-256 is "harder" than 3DES, and 3DES has yet to be cracked. The AES-256 is going on the chip.
Give cracking it a try.
Yes, Linux is used in the set-top boxes (Scientific Atlanta comes to mind). Try loading an alternate OS on these boxes. Done "properly" its impossible (or close to).
The easiest scheme is to have an MD-5 hash of the software load, and refuse to load anything else.
Now, you are thinking "the load will have the key". It may... or the key is in the box. Usually, the key will be wrapped by another AES-256 layer, that the loader knows NOTHING about. FIPS-140 stuff...
Now, the system WON'T be entirely secure -- you could always resort to chip-scraping, or thermals, etc. to break the key. As to the "Hardware to incorporate the technology to decrypt at 30 fps, full screen". Lets see -- using a Xilinx FPGA, I can decrypt AES-256 at a rate of ~500 Mbps. About 10x what is needed. Custom logic? why not. Costs less...
Note that the Linux NEVER KNOWS THE MEANING OF THE DATA. It just shoves it to the monitor. Which already has expensive glass parts, etc. The cost of an additional chip in the monitor is even more easily absorbed.
FOSS DRM? Sure, why not. The job of the FOSS DRM software will be to mediate keys, and establish a trust relationship. IT IS NOT GOING TO DECODE THE DATA.
Ratboy.
The idea won't die that easily.
In a nutshell:
- The quality of the FILTERED output will be DVD level. Which is at or beyond consumer expectation.
- New gear will have HD option, and as people upgrade, they will get 10x better than DVD quality.
- You can STILL record at DVD quality, just not HD (and HD does take 10x)
- As monitors are upgraded, the content will be ready.
- Anyone can WATCH "protected HD content" -- at DVD quality. Which happens to be good enough for 40"+ screens.
- We are talking about 1080 line resolution; very few people run monitors at these resolutions (1920x1080). The DVD quality will be perfectly acceptable (1280x480 - with a bit of twigging)
So its likely going through.
Apple WILL. End of story.
Because if they DON'T, they will not be able to play the content at all.
(more technically, if Apple doesn't implement signal decimation filtering on un-encrypted outputs, they won't be given the keys to display the content AT ALL).
My wife finds MS Word far easier to use (compared with OpenOffice.org).
/uses/ OpenOffice.org -- but she does have a point. MS Word is easier to use.
1 - tables (MS Word, you just draw them)
2 - drawing (MS Word, the tools are at hand)
3 - mail merge.
4 - help
5 - loading speed
Jen
And, Jen did give OpenOffice some cred: fonts appearing in style in selections was a very welcom feature.
Ratboy
"Developers Loss"? Say what?
I used to manage at ATI. And *I* don't use closed source
drivers. So, I don't have 3D
acceleration. So sad. I do
not consider it a loss; it's
the price of a stable system
I will not use a proprietary
driver from anyone. The only
"proprietary" part may be
firmware load for the card.
Apple build quality hardware?
Is this what you are saying?
The biggest marketing 180 ever done -- Apple goes from CRAP hardware to PREMIUM hardware.
The company that was too cheap to put interrupts and DMA in their systems, and then had the gall to brag about it.
The company that delights in sealed up cases, and consumer lock-in, on really bad hardware (I have purchased "Macs" with unshielded SCSI cables straight from Apple -- and of COURSE they didn't work).
The company that abandons users (hey, I was dumb enough to buy a Newton).
So sure, let the "fanbois" and "fangrrls" have at it.
Ratboy
Ok, now we have HP taking pot shots at SUN and IBM.
/has/ given to the community, but in no way as much as IBM and SUN. NFS? SUN OpenOffice? SUN, Solaris 10? SUN (let's see HP open-source HPUX).
Yes, HP
Before HP opens its yap, I want to see the source for HPUX, and CDE.
You know, that OS where you can't use local variables named "u" in kernel code (just like 30 year old Unix).
But NOOO - HP feels they must shoot at IBM and SUN for the (Open Source approved) LICENSE -- AND PEOPLE ACTUALLY CLAPPED?!?!?
Ratboy
EMC Centera for email storage. Its a CAM. You can find a couple of test Centeras on the 'net (but they will have data trashed periodically).
Will retain records pursuant to a number of different gov requirements for reporting.
Use Kasten Chase for encrypting, if needed (we have an object shim -- and this is a plug). That will give you your data security.
Maybe other solutions... but that's the one I am familiar with.
Ratboy.
Beautiful!
I wish
- that I had mod points now, and
- that there was a "+1 Hillarious Brilliant Troll" rating
Oh well...
Ratboy
$99 bucks now, huh?
I may get me one of those.
The last time I had an MSDN subscription was 1996/97.
I was working as an indepedent contractor, on Windows drivers.
The subscription ran me 3 or 4 large a year (but did include 10 float licenses for all MS OSs, and full international versions of same - call it 200 CDs a year. Give or take).
Now, I assume (please correct me), that $99 doesn't get you all the CDs; that you have to download material you are interested in (so it would be useless to internationalization efforts, stuff like that).
But it provides access to all those OSs and versions?
The reason I question this, is that the retail XP goes for 1 to 2 hundred around here. 10 licenses (floatable to different hardware) would then be 2 large, and having access to 20 or 30 (whatever) variants...
It would make MSDN a better deal than buying the OS!
Ratboy.
You've fallen into a "though-trap" here.
DOWNLOADING is perfectly legal. Unless, in your jurisdiction, there is material which is deemed illegal.
For example, in my jurisdiction, it is illegal to DOWNLOAD child porn.
Of course, thousands of repetitions of "Illegal Download" may end up making it so...
Ratboy
"It is curious to me to see the frequency that the Linux/Unix enthusiasts complain about the lack of robust/commercial offerings of Linux hosted/compatible systems in various areas compared to those that are Windows hosted/compatible."
Yeah, curious to me too.
In fact, IT ALMOST NEVER HAPPENS.
Ratboy.
Of COURSE you should report Dell. Dude, we just can't TOLERATE pirate software!
Your fiends at the BSA
Back in the day, I used to license software (I also wrote it, and the manuals, and supported it).
The software would sell for $1200 to $35,000 per copy.
I had a LIST of EVERY customer, and the status. The software was licensed, not sold. Yes, I *would* fly out to customer sites to assist them with problems. Access to this service, and the ability to reach a person 24/7 cost an additional amount every year ($800).
Now, if someone calls with a problem and they are NOT on the list? (which means, not properly transferred?) Read the fine print.
And why did I do this? Because I had been ripped off before. Big time. And, really, I don't like spending big bucks on lawyers.
PS. I would go after the company that supplied the copy AND the company using it. Both get hit. The company using? That would be: Please remit cost of item, and we'll consider it square.
The comapny supplying? Audit now, and make me happy, or I *will* sue.
Imagine that you "borrowed" some tools from your local mechanic. Would she be happy? How would you avoid criminal prossecution? Or a *least* a lawsuit.
Got it?
Ratboy.
PXE can be supported by servers running TFTP. And, PXE can be supported by Linux, etc.
On the other hand, the PXE "spec" is massive. I don't know if SUN makes a SPARC based PXE client.
It is a big spec that put me to sleep...
Ratboy.
Yes, you can get your IP address from a server: normally we use bootp protocol, but DHCP should also be possible.
As to development -- the system uses byte-code. Whatever source language produces the byte-code is fine. Usually, its FORTH.
The shell is a command line, with history and editing. After all, we don't want to lose the ability to run from a serial terminal.
Ratboy.
Standards are reviewed every 5 years, and if it isn't championed, its withdrawn.
Given that the "PC-BIOS" du-jour semi-standard won out, IEEE 1275 was withdrawn.
However, lets review what we lost:
IEEE 1275 defined a VM for hardware. ROM code for devices would be written in ANSI FORTH, and compiled to byte codes. Different processors could efficiently interpret those byte-codes to run low-level functions.
Basic drivers in ROM, in machine-independent format. (use the same ROM for PPC, Intel, SPARC, etc.). For instance, a basic "frame buffer" style driver for video could be included, which means "instant-on" gratification for installing a video card. You may need to add a driver later to take advantage of "whiz-bang" 3D or something. [PS My Linux box, *never* uses BIOS after boot, except for "SMM" -- which is another discussion).
Ability to put patches in nvram, again, in FORTH (want to support a new 15 button mouse, that needs a twig to go into 15 button mode? Easy, just put a bit of code into nvram).
Since it makes sense to actually USE the console (because display and keyboard drivers are available), it is EASY to support terminals via serial port (or why not a basic network stack). Indeed network boot using TFTP, in a straight-forward way, using "built-in" network drivers is a standard feature.
Your "typical" SUN box has ALL of this. The "PC" industry just didn't bother.
Instead, Intel has come up with "PXE" which is sort of network boot (will boot from TFTP), but is limited (naturally) to Intel processors.
Go figure -- the problems have been solved, the solution ignored, and now we are starting again...
Give some support to IEE 1275.
Ratboy.
Microsoft HAS used patents "offensively". Bad-um, bump.
Anyway, the patent on VFAT was used.
Ratboy
Well, golly, its nice Microsoft has this patent and all...
But, again, they can't defend it.
Vioations: any image 19x19 or otherwise, is converted to characters when being transferred by email. And, the character sequence representing an icon (avatar) has been with us since FACES graced our email. The fact that MS doesn't render FACES is... well, not relevant.
The next step -- which is replacing a long sequence by a shorter sequence to be filled in by the receiver -- in a nutshell, that is gzip compression. And using pre-computed huffman tables has been with us forever as well.
The LAST step -- which is to tie this all to "emoticons" used for IM. If you can send pictures via IM (which is NOT something being patented here)... the emoticon is simply an interpretation of the picture.
Again, I am really happy for Microsoft for getting this patent, but don't sweat it -- they can't (and won't) defend it. May use it to threaten someone, though.
Ratboy
Well --
I was a Staff Engineer at SUN, and why, thanks for asking, I *do* have stuff in the Solaris Kernel.
Ratboy.
Why is that strange?
I am a Solaris/AIX/HPUX/Linux developer, and I have two (2) machines at home running Windows 98SE.
Works fine, never had the need to upgrade or change it out.
So, if you get an email from me, it will either be from one of a myriad of Unix boxes, or Windows 98.
Ratboy
The crypto on DVDs was cracked through a key leak.
And, this is the probably the only way that this (and future) content can be effectively attacked.
So far, even 3DES is safe (no one has yet cracked a Video Cipher II, to my knowledge). AES is faster and safer.
The key exchange is the only weak link in the system.
Have at it! But, I will give you a clue -- since the "DVD Jon" incident, the systems are being reviewed for that vulnerability. I really don't think that accidental OEM key leakage can be exploited the next time.
Ratboy
If there is an analog output, the signal will be degraded.
So, if you CAN capture it, it will be a "low-res" signal.
If there is a digital output, and the digital output is un-encrypted, it will be degraded.
So, if you CAN capture it, it will be a "low-res" signal.
If there is a digital output *and* the digital output is encrypted, it will be full-resolution.
At no time will the full-resolution digital signal be exposed in non-encrypted form.
However, the "low-res" signal will be equal in quality to a "digital standard TV", which is the quality you can get from DVDs now. Because this is the current consumer expectation (actually, a bit more than the expectation), there won't be a backlash.
But, high quality content will look REALLY good, and the people who can afford it will be in for a treat.
When systems are replaced, they will have the DRM, and at some point all control will be in the hands of the content producers.
What is needed is a driver to have people replace their computers. Adding resource requirements can speed this up -- figure two years for the early adopters, and ten for the trailing edge.
And, its done. (how many people run computer kit from 1995 now?)
[I may have left my tinfoil hat at home, sorry]
Ratboy.
You have fallen into the most brilliant marketing ploy!
A ratified standard is exactly that. We have standards organizations to ensure that standards are adhered to: ISO, IEEE, ANSI, etc.
If is ISN'T ratified under a standards organization, it isn't a standard.
So, SPARC v8 *is* a standard, IA-32 isn't.
Indeed, IA-32 is WHATEVER Intel claims it to be (or whoever owns the trademark).
Sure, it's stable enough to be a "de-facto" standard, and there are competing companies (AMD, etc.), but that STILL doesn't make it a standard.
Intel could make it a standard, by turning it over to a standards body (like SUN did). Of course, that didn't help SUN much (which is probably one reason why they are reticent about turning over JAVA).
If IA-32 were a standard, it would be possible to argue restraint of trade (selling a compiler that generates standards compliant code, and yet differentiates different standards implementations). SUN offers a compiler; and it DOESN'T differentiate (for that reason).
But IA-32 is not a standard, so there is no body that can determine what a valid compiler implementation can differentiate on. Intel is in the right here; they are producing a compiler that optimizes for Intel chips. Not third party, supposedly "plug compatible", "software compatible" or whatever devices.
And I, for one, will NEVER give the title "Standards Body" to Intel, or Adobe.
Postscript(tm) is also a "de-facto" standard. Perhaps you are looking for ISO 10180? [Although, ironically, due to the power of de-facto, the standard is only available on paper, or as a "pdf").
Ratboy
No, they don't. Let me quote from Intel:
More Information
Intel® C++ Compiler
for Windows*
Deliver outstanding performance by optimizing your applications for Intel® processors. This package includes Intel® C++ Compiler for eMbedded Visual C++*.