I dunno, I didn't find it a hassle, or expensive. I was already using 110 blocks for telco lines, so it made sense.
Oh, and it should be obvious, but my original post should have noted "two wires" and not "two pairs" with regard to the DSL line at the demark. Silly me.
The guy just looked at it, and said, and I quote "Damn! You did a better job than I would have."
Yeah, same here.
I had Internet America install my DSL service. They have a self-install option, with micro-filters and all, but it was not available to me because I was so far from the C.O. (15.6 kft) that I needed a dedicated pair to get any decent bandwidth (I chose the 768kb/s down, 384 kb/s up option) -- They said I could probably get that, via ADSL if I opted to go with a dedicated pair, and, if it didn't work, all charges would be refunded. Rather cool, actually.
Of course, the dedicated pair costs me some US$15 a month from the telco for a total of $81.18 a month, but the service has been great: static IP, no caps, I can run "small" servers and so on. And, while it's no doubt a bridged connection, I do see good download speeds. So I'm happy. None of this "ping is a hacker's tool, the use of which violates the AUP" crap.
Anyway, I receive a Broadxtent bridge in the mail, and a note to schedule an appointment. I mount the bridge in my headend, check the demarc, and lo and behold!, I have two brand new pairs already pulled for the DSL service. So, I schedule the install for the next day. Meanwhile, I figure, "Heck, all I have to do is hook up that pair, cross-connect it to the bridge connection on the right 110 block, and configure my router, and I should be all set." Sure enuf, that's all it took.
So, I call Internet America first thing the next day, and tell them to not bother sending the installer, it's alive, kicking, and showing decent up/down speeds. "But sir, we want to make sure it's installed correctly to avoid a service call." O.K., I can understand this. "Anyway, you paid the $150 installation fee (the telco pair drop portion was unavoidable anyway) -- might as well have the tech stop by." Well, O.K. then.
Tech shows up, looks at my computer, working fine, with an RJ45 cable snaking off (I hadn't finished the drop to that room yet, so I just snaked a cable back to the headend), and asks, "Where's our modem?" "The headend," I reply, "I hadn't installed the drop to this room yet. Follow the ethernet cable."
So, he does, and sure enough, I hear a "Damn! I wouldn'tve done as good a job!" He smiled, we talked shop for about 10 minutes, and that was it.
To their credit, Internet America left my computer alone, gave me a static IP with no fuss, and have provided decent service since. The Broadxtent bridge locks up every few months, but a power-cycle fixes that.
Imagine a Microsoft EULA that says: if you run Windows, you can't contribute to Linux.
SHHHH!
How many of us must use Microsoft software at work?
What if Microsoft, as part of a security update EULA, added the clause, "users of software affected by this security update are forbidden from contributing to software designed to compete with Microsoft products?"
Well, aside from RMS getting the legitimate right to go "I told you so!"ing, perhaps an analogy might help:
I produce carbon dioxide via exhalation. Others are permitted to use this carbon dioxide for human breathing (via the use of plants) so long as they do not compete with me for the resources of the Earth, or, in any way, hinder my life. Upon being informed of a violation of this license, it shall be incumbant upon the alleged violator to prove they have not used any of the carbon dioxide I produce.
There, how's that? It can be relatively easily shown that each breath anyone takes is bound to have some molecules of oxygen from the transformation (via a plant) of the carbon dioxide I exhale. I have effectively produced a license that makes everyone in the world my slave.
Would anyone successfully argue that what my body produces is not mine to license at will?
O.K., the analogy isn't perfect (in that one has little choice in being exposed to what I produce), and others could foist the same license on me in retalliation, but the point is that using BitKeeper may taint the production of particularly useful free software, in the same way that the GPL is accused of being "viral".
Use it to maintain the Linux kernel, and perhaps you can't now develop a BitKeeper clone under Linux because of the "pollution".
If anything, license shenanigans like this one are the one thing that justify RMS' concern and disdain for non-free software.
While at Teradyne, I had the pleasure of working with two great contract Sysadmins, both legally blind. They basically did the same thing: huge fonts on a monitor.
Actually, the key box only decrypts secondary keys for the playback devices (BTW, protecting code a la Palladium, has other problems, because such code has to run under a "trusted" O/S/, unless decryption of it can be done while it runs). So, the key box does not decrypt content. The display devices do.
Cracking the key box (or display device for that matter), would yield private keys for a single owner's display devices (and thus content encrypted with them). While I suppose these keys could be distributed to other display devices, you'd need to encrypt them with appropriately signed public keys. At the very least this means cracking the key box's private key as well.
Key repudiation mitigates this problem somewhat, but it requires occasional distribution of repudiated keys to key boxes and display devices. I don't like the idea to which this translates: relicensing content via re-certifying key boxes and display devices. I suppose key repudiations could be included in content streams.
However, this presumes the key boxes and display devices can be cracked. There are specialized cryptographic processors that make this difficult: (1) they are pretected from xray, (2) they are protected from physical probing, (3) they destroy cached keys upon extreme temerature or shock conditions suggestive of tampering.
I suppose they still could be cracked, given enough time, effort, and money -- they key is to make this economically unworthwhile: all you get is the ability to decrypt one person's content (which could easily be detected if warezed to any large degree because of the plain text nature of it), and an awkward process for trying to build a key box that can distribute to others, so that other content could be decrypted.
I can imagine a repudiation mechanism built into the content provider's networks: they'd refuse to encrypt with public keys of known cracked boxes.
Er, just how is this insecure? Other than by physically compromising keys? Remember, we're talking about wide deployment of strong Public Key Crypto.
The downside is that the key boxes would likely be expensive: current equivalents on secure comm cards for PCs run around US$4000 -- but they suffer from not being produced in large quanities.
DRM, securing the internet, saving broadband
on
DRM: How To Boil A Frog
·
· Score: 1, Flamebait
O.K. I finally figured it out. I know how to deploy livable DRM, get the ??AAs to stream content saving the broadband providers from their bandwidth glut, secure internet communications, and give the government key escrow on most communications. In short, I can save the American economy.
1. You deploy DRM with little boxes, called "key boxes". They come with their own secret private and public keys of which they expose the latter to secondary key providers. These download those keys to the key boxes, safe in the knowledge that the box knows the key, but the owner of the box doesn't. The key boxes can be trusted because they're public keys are appropriately signed.
These key boxes distribute the private keys they hold to display devices (to a limit), and the public keys to anyone. Private keys can be "returned" from the display device to the key boxes. Appropriately signed public keys create a web of trust all around. Basically, you can receive encrypted content and only display it on approved equipment, but make as many copies as you want.
The key boxes also can hold key pairs where you know the private key, but such keys are useless for protected content because the public keys are not "blessed" by the right signing authorities that the relevant ??AA trusts. Still, they conveniently carry your secure keys for email, etc.
2. The content providers lobby for, and get legislation, to mandate the use of this system. The consumer electronics industry ramps up and leads the charge out of the slump. Conversion boxes are used for legacy analog displays at "reduced" resolution. But, new fangled all-digital secure TVs and speakers start to arrive.
3. Having taken a collective Valium, content provides start releasing content over the net, secure that it can't be redistributed at will. The demand for high-speed internet access heats up, for real this time.
4. People start using these "secret" private keys for email. In the event that such keys get lost, provision is made to permit them to be escrowed for safe keeping in recognized "key banks". Again, a key box can disclose a secret private key to a key bank if the key bank's public key has been properly certified.
The government, of course, to appear to strike "balance" in the call for DRM sets it self up as a key bank that all content providers must trust. People use secret private keys for casual email (because it is now so easy). The government drools over the key escrow by fiat it now has, and boasts that it has "secured the internet" (as most traffic will now be strongly encrypted).
And that's how to save the U.S. economy.
No, it won't satisfy everybody. Yes, the infrastructure build out could probably only be undertaken by government as a "make work" project to get the U.S. out of it's tech depression.
See, I am so valuable to the security of the U.S. They ought to gimme the LC1 Green Card already and let me help them implement this.
If screening like this can stop some kind of terrorist attack like 9/11, then I think we (in the US) should be 100% behind it.
The problem with this kind of reasoning is that it is not much different from the argument that if one can kill all but 13 citizens, they can walk on a murder rap: you need a judge, prosecutor, and 12 jurors to convict. More frighteningly, it justifies the apriori killing of everyone else becuase that assures that there will be no one to left to possibly kill one.
See how absurd those arguments are? Yet, they stem from the same line of reasoning. While it is not being taken to that logical conclusion, the reduction in civil liberties we we see today simply represents a compromise in the same kind of absurdity.
The truely sad thing is, I don't think this increases security one iota.
Then you just move all the problems from the "monitor" or the software solution over to the key transport boxes it doesn't really add anything.
They both have to be sufficiently secure, yes. There are well-known anti-tamper techniques that go a long way toward this goal, with reasonable costs that would go down if the technology were widespread. And, I can think of other uses for such a box.
The only advantage I can see over the monitor ships with a key is that if a key gets compromised or a key system gets compromised its somewhat easy to roll out new keys. But at let say $50 per household for a loadup its still not cheap.
Right, people should not suffer because of key loss or have to register all their keys with a national or industruy registry (but even this, for the sole purpose of entertainment equipment and content isn't all that bad as general key escrow). As for the cost of rolling out a new key: how much does it cost to get in your house if you lock yourself out? Similar problem. It's cost X likelihood that matters.
You are missing the point, cryptosystems need the private key to stay private, physical access is a serious threat to private information.
Which is why it is the responsibility of the monitor and or transport box to keep it secure. There are ways to do this involving a web of trust over signed purported public keys. Again, any such mechanism will be at least as secure as any other key-based security mechanism the ??AAs come up with (which, in the absense of alternatives, they will), but much more fair.
So you see what I mean about the monitor makers having to include parts they don't know about from the outside vendor.
What more do they have to know than the operating and interface specifications? In fact the parts can come from multiple sources, manufactured under license. Or, they could form a core VHDL description of circuitry that could be licensed for embedding into a graphics or video DAC chip.
I'd agree your system is fairer but it also requires a great deal of organization.
Yes, no denying that. However, when the ??AAs cry, "We need laws to dicatate THIS to protect our content," we can respond, "No, this does it just as well -- if we are to have laws to protect YOU, they have to be fair to US." I think it is important to have such a response.
Also, don't forget that such an infrastructure can be leveraged for "convenient" secure communication of other kinds of data -- the downside being that your private keys aren't effectively "yours" but are escrowed -- remember that some content could be tagged to be disclosed to the "user" of the private key. The government would love this! And frankly, I'd not care that what I'd ordinarily send as unenencrypted email would be encrypted except from the prying eyes of government -- if I REALLY want to keep something secret I'd use my own key-pairs. The danger is that non-escrowed keys may be deemed illegal, but we've gone down that route and the backlash was significant.
Now money (i.e. subsidy) makes getting people on board easy. But if we start talking $300 or more per consummer for hardware + replacement costs + cost of actual entertainment I'm really not sure it works as a solution.
This is easily done with appropriate legislative pressure (i.e. Congress to ??AAs: "This is the ONLY kind of DRM you can have"), as well as folding it into early adopter costs -- tie it into the new uber-high-definition interactive-content broadcasts and super-DVDs. Think DVDs have interactive menus now? Imagine when they are hyperlinked to on-line content, perhaps P2P services linking you to others who have the same movie and want to discuss it.
The cost of physical copies pales in comparison to this setup.
Like it pales to the (initial) cost of the playback devices (CDs, DVDs, satellite receivers, etc.)? I suppose, but that has not been a deterrent to growing the corresponding nascent markets.
However, what this needs to succeed is value provided to the consumer as well as the content provider. A national security infrastructure, ostensibly for entertainment content copyright protection, that could be leveraged for "secure except from the government" communications (think most mail, and certainly email) would probably get support from three ares:
1. The entertainment industry: Grudgingly, perhaps, but that's all they should fairly get, and a lot more than they have now.
2. Network infrastructure providers: with the floodgates open on legitemate movie downloading, boy with the need for bandwidth go up. (And, sending home videos to Aunt May, while keeping them from prying eyes, would never be easier).
3. Government. Oh, they'd drool over this! Of course, WE would use proper secure communication when we wanted, but what a way to inflict key escrow on the masses? Perhaps that's a cruel view on my part, but Caveat Emptor when it comes to selecting a secure communication scheme.
Why get the computers involved at all?
How else are you going to do this without processing? Of course, I'm thinking of this in the context of embedded processors and not necessarily general purpose computers.
The bottom line is that if the ??AAs want DRM, we can demonstrate a DRM mechanism that's fair, countering their FUD that "it has to be this way to protect our interests" -- no, it can be THIS way, and still protect your purported interests while being fair to us. Utility companies invest billions in infrastructure buildout to keep up with the changing times. It's about time the entertainment industry pony up some bread if it wants to keep up with the times as well.
Anyway I don't think either thing happens, as I've commented in another thread; I don't see the MPAA and RIAA lining the entertainment providers for some sort of very generous licensign scheme that would make Palladium popular enough that they could use it. I think they are going to just have to live with unsecure content.
That can't work. If I can just set the monitor's key then I can distribute movies with a "you need to load ABC key on your monitor to view this". Movie / key pairs running around are no better from the MPAA's perspective then unencrypted movies.
I was not clear, perhaps. Installation of such keys would be from secure "key transport" boxes on which the key pairs would be loaded. The box would securely exchange the private key with trusted counterparts, and the public key to anyone.
This still allows for the box to "get around" to friend's houses, but does not scale to widespread distribution. Yes, another infrastructure requirement.
Remember the customer is who the MPAA is encrypting against.
Exactly why the customer doesn't get the private key -- his equipment, which both he and the content provider trust, does.
I'd agree with you but a proper crytographic system doesn't have to worry about the person you are encrypting against having physical access to the private key.
??? Of course it does! This is just the unusual case of the ultimate content consumer not being the key recipient.
Hardware built into the monitor is less accessable than a harddrive on a computer but there are ways to hack hardware.
And I've shown that there are very secure hardware mechanisms out there. Of course, at some point you do get an analog signal, but (a) casual piracy still gets defeated, and (b) simple possession of decrypted material is criminal -- if it "looks" like a protected movie to s jury, the crime was comitted. Widespread distribution of such material causing a real dent in revenue would also be easy to catch. Right now, plain text movies are easy to hide because there is so much, er, plain text.
The biggest problem is I don't think the MPAA can trust every monitor maker, so that's why they would want the key parts made by a single company.
Yes, and that is not unreasonable.
Even if they could however I'm not sure we'd be just looking at script kiddies here. There are organizations that are angry at hollywood within the United States. There is a 3rd world market which likes american content and corporations there that could organize the research...
Obtaining plain text digital copies and hardening monitors against tamering can be made arbitrarily difficult. And, suprisingly, it does not take much to defeat the casual infringer. The hard-core infringer needs to profit from his operation and is easily uncovered because of his need to cover costs.
In any case, the mechanisms I propose are at least as secure as present DRM reccomendations (I'd argue more so), but a lot more fair and respectful of what consumers want to do with digital content.
If the content providers want to protect their content effectively and fairly, they will have to subsedize the building of the infrastructure that permits this. Unfortunately, the biggest flaw in my approach is that their content can be protected equally securely at much lower cost with negligable infrastructure build-out, but at the expense of the consumer's fair use rights and expectations.
Except for one problem there are multiple monitor manufacturers and only one IBM, so its easier for IBM to keep secrets.
A proper cryptographic system relies only on the secrecy of the private (asymetric) or secret (symentric) key, and not on the encryption algorithm. In this case, each instance of a monitor would either have a unique private key, or the means to securely install one.
You might be able to get them to all agree to bundling decryption hardware they know nothing about but that is going to be hand to organize.
Perhaps, but if Sen. Hollings et. al. get there way they will have to. I'd rather that if that happens, it is something we can live with.
Think about what's required:
1 - A vendor developes a very secure decryption system which is very very cheap
Right now, the manufacturing costs are high for such systems, but some security could be compromised as long as it foils the amateur cracker. The IBM system I alluded to was immune to temperature-related probing, as well as X-Rays, and other techniqus. Probably way overkill. There are secure PKI "keybuttons" available that are inexpensive and offer adequate security for this type of application.
2a - (almost) All the monitor manufactuers agree to bundle on (almost) all monitors (without almost all it doesn't do any good since this is designed for mass communication)
Monitors that do not have this feature can not display encrypted digital content. Actually, there have been efforts undertaken for a non-PKI system similar to this: HDCP (not to be confused with DHCP). As DVI is still rare, folding it in would not be too difficult if mandated.
2b - The new entertainment service is compelling enough to get customers to buy the new monitors
Yes, though back-compatibility can be had with video cards that provide reduced resolution rendering of encrypted content (and permitting analog copying of same). This is the proposed state of HD receivers that should be crippled to 480p based on content flags. I agree that this is a contentious issue.
3 - Everyone agrees to make this the video standard; and customers are able to register as they switch monitors in reasonable ways.
Actually, I envision customers getting personal public and private "entertainment content" key pairs, with the secret private part loadable on a capable monitor. You do need signing authorities set up, and a web of trust, as well as disclosure of the public key to a content provider to encrypt content for you. However, the binding between this and the actual recipient does not have to be any stronger than an email address which can be relatively anonymous.
I just don't see that as likely. I agree though that's its very creative in that it allows the path from the movie company to the monitor to be untrusted; and at the same time offers full features. It also eliminates all the privacy concerns and enhances freedom. Its just that it requires so much to fall into places so quickly..
Yes, the downsides are the necessary infrastructure that it requires and the expense of secure hardware. But, it is the only DRM scenario that has any hope in hell of being fair.
The MPAA and RIAA have already vetoed this kind of solution because so many people would need to know information about the decryption were it to be used throughout the united states and possibly the world.
Eh? The ??AAs would merely have to satisfy themselves that the relevent hardware manufacturer kept the private keys secret on the hardware itself. Yes, this does mean serialized hardware, but this need not necessarily be tied to the individual who buys it (though that might be convenient and not unreasonable to know who the licenses of copyright content were).
The result is you couldn't keep enough information secret and software decrypters would soon exist.
I don't follow. Xing's messup notwithstanding, the DVD CCA did a pretty good job of keeping CSS secret until it was reverse engineered. The kind of hardware I envision would make reverse engineering notoriously difficult. I'm thinking of the kind of stuff used in ATMs that IBM makes and who's particular model/product number escapes me at the moment. Of course, these things cost about US$4000 at the moment, but mass production would bring that down.
Think about it this way how is the internet site to tell the difference between a real public key from the monitor and a fake without knowing a lot of information about how the public keys are generated?
The same way your browser verifies that a remote site is who they claim to be: the monitor's public key is signed by a signing authority trusted by the content provider, or several signing authorities, for that matter. This all happens when the monitor is manufactured.
If the service know that information then I do too and can generate a fake key from software.
Er, no. You wouldn't be able to sign the key appropriately. This is the same issue that makes self-signed SSL certificates result in a warning window popping up in a web browser: the browser knows of a few signing authorities and won't recognize a self-signed certificate unless told to.
If they don't know it then they can't tell if any key is real or fake.
Surprisingly, they can. See above.
You are right about one thing: this can't be done in software that the computer owner has access to, for all the reasons you mention. But, software that is so priveleged to have that kind of control of your hardware is precisely the software that you do want to have source to. Of course, locking the user out of her CPU is easier than making secure communucation paths from content provider to monitor: you don't need a whole trust infrastructure set up to do it.
Now, I can envision a "trusted computing" processor which loads encrypted instructions into an on-chip cache, decrypts them and checks their signature. But, precisely because this wrests control from the owner of the processor, the CPU priveleges with which such code could execute would have to be minimal indeed, or at least gated by something like Sun's Java security model (i.e. this code, singned by Microsoft, wants to access this part of the PCI bus (video card)). It's possible, but neither cheap, nor easy.
If hardware can do it software can do it (though perhaps not as quickly).
Oh sure, but the whole idea of using dedicated hardware is that it can contain a secure private key. The public key is used to encrypt specifically for that hardware (in the monitor or at least video card). If this is done in software, exposing them private key is far too easy. Some complexity arises when you have multiple display devices, or wish to replace a broken one, but this can be handled by a secure means of installing a common private key (which is assigned to you and for which you have the public key but not the private key) on all of them
Further using a dubugger its easy to see how the information is being decrypted and release an unprotected version of the data.
This is exactly why you want to do this in secure hardware and not software, i.e. on the video card or more likely digital monitor. One can always get a lower resulution analog copy at some level of fidelity, but if no such things should exist and end up being rampantly distributed, simply demonstration possession of such a thing would be incriminating.
DRM is like anything else, a tool that can be used for good or evil. It is no worse than SSL, for example, and would rely on the same mathematical principles. If you decry DRM, then you should also decry online anonymity.
However, the present impending applications for DRM certainly appear evil from a tradtional fair use perspective, you know, "copy for yourself but please don't redisribute" (yes, the legal definition of fair use is more tortuous, and "common sense fair use" might not qualify, but it damn well should). Part of the difficulty stems from a desire to control the user's computer, lock, stock, and barrel; or not at all, which will increasingly become impractical.
Remember Sun's ideas about "write once, run anywhere?", "sandboxes", and "trusted executable content"? That's what DRM should look like (well, except the "write once, debug everywhere" part):
DRM is a technology that, with hardware assistance, assures remote parties that their data is used in the manner intended while permitting the local "processing environment provider" (i.e. owner of the equipment on which it runs), to control third-party executable code. Microsoft's approach would remove that control.
If the primary motivation is protection of content, then that content can be keyed to display hardware, with reduced resolution permitted for extracts for purposes of parody or criticism. Where full-resolution extracts are necessary, a list of extracts can reference a public "library" copy, necessary for copyright to be granted in the first place (much like patent disclosure and unlike the present copyright system). The issue then reduces to one of key management between and among the various pieces of digital hardware one owns (you don't want to relicense something because your TV breaks or to watch it on a different TV you bought).
Executable code is a bit more problematic, since now one wants to control the execution environment provider's processor -- in general unknown third-party code should run in a restricted sandbox, the restrictions depending on how much that code provider is trusted. Sun got this right. This makes sense: how can you fully trust third-party code that you can't check for lack of source? It also means that DRM supporting code must be open, and preferrably free in the GPL sense. Microsoft just addresses the flip side: how can we trust that your processor will execute our code as intended, which is not an unreasonable concern, though not as pressing as protecting copyright content.
To some extent, the need for a "trusted computing platform" is reduced if the decryption if protected content is done in specialized hardware: the hardware is the trusted platform for decrypting that content, and is acceptable to the computer owner as well because it is severely restricted in what it can do -- I have yet to see a video card format a hard drive or "phone home" and report one's viewing habits (not that such a thing couldn't be built, but it would be clearly out of bounds for a video card to do that.
Trusted operating systems are problematic because this is the most important area where the computer owner, not a content provider, should be in control: getting such an O/S signed would be difficult due to the sheer number of user-patched varients, and ineffective, in case of a security flaw in the O/S itself. (Even Microsoft would not be immune from this risk: a trusted O/S might still be vulnerable to security-related bugs within it).
So, while third-party trust of your execution of their code might involve relinquishing control of your computer, if the only justification for this is content copyright protection, there are other ways to achieve that goal via dedicated PKI-enabled display hardware dedicated to the task. The only legitimate need for this kind of third-party control is for distributed client-server applications (think SETI, multi-user online games, etc.). Let's deal with content first and hold off on "trusted computing" until it's clear that that kind of trust has to extend both ways.
Yeah. I came away with the feeling that XML is the Cobol of the new millenium strongly reinforced. If anything, XML should be the source code for what actually gets exchanged in a machine-agnostic fashion (anyone remember XDR?).
You were at Concordia, though, and we all know all about Concordia
What is that supposed to mean? That Concordia was a poor university (McGill didn't have a Computer Science program at the time)? Or that they were just "different". If so, did the difference extend to all universities within Quebec (which would not surprise me)?
If you want to insult my alma mater, feel free -- I have a thick skin (and presently live in Texas, where nothing brings out the old 12ga faster than an insult).
How can one possibly use courses as credit toward two degrees? Is is that different in the U.S. (compared to Canada)?
When I received my B.Comp.Sc. (honours), if I wanted a math degree on top of it, I'd have to spend another three years at it, and it would have been difficult since many of the required math courses already counted toward my honours specialization (basically ALL four minors at the same time: math, biz, engr., and "pure"). Of course, the specialization should not be confused with graduating "with honours" (i.e. magna or summa cum laude) as that was ALREADY a requirement to get the defree conferred.
In my case, I ended up continuing toward a M.Comp.Sc. graduate degree, and stopped short of the Ph.D. because then I'd be over-qualified for anything other than a teaching position (which I did not want).
Here's what the customer experience has to be to make something like this OK for the mass market:
1. Turn on.
Get universal remote for TV/STB and turn both on and select the STB as TV input. Maybe turn on A/V [5|6|7].1 A/V receiver too. Perhaps user has a fancy remote with macros to do this with one button.
2. Select media.
Browse for media like one would a channel guide, with a web-like interface on the TV, perhaps.
3. Push play.
Click on desired program.
What this idea would look like:
1. Turn on "media adapter"
O.K., we've done that.
2. Walk across the house to where the computer is.
Whatever for?
3. Boot computer. Wait 5 minutes for boot.
Why? The home media server should be burried away somewhere, in a closet, or basement, or utility room, or something -- always on. It's prolly sinking your email and scraping TV channel lineups as well.
4. Walk back to living room.
Not necessary. See 3 above.
5. Find remote for media adapter.
If ya dinna hafta go nowhere, how could you have lost the darned thing? O.K. O.K. TVs should have a button that makes the remote go "beep".
6. Browse through dozens of menus and file systems to locate content
Er, kinda like a satellite channel menu? Maybe better organized. Maybe we can have several "favorites" buttons on the remote, you know, "B" for Britney Spears video, and "J" for Jenna Jamison pr()n. [Note to self: remember to implement mod_parental for Apache]. Seriously, though, I can imagine third-party installable sites and skins for organizing stuff like this on the web server sitting inside the media server.
7. Computer crashes. Repeat steps 2-6.
What part of "Thou shalt not run a Microsoft O/S" didn't you get in hacker-wannabe school?
8. Push play.
Heck, by this time the geek is already groping around for something to clean his mess up with, having pushed the "J" favorites button.
9. Wait for content to buffer.
Repeat after me: s-t-r-e-a-m-i-n-g---v-i-d-e-o, not to mention the nice, fact, predictible 100 Mb/s switched ethernet ya got. 802.11b would leave old Jenna'Ho as jerky as..., well never mind. Besides, you really don't want all the local geeky teens in your front yard, with their laptops, drooling, or worse.
10. Little Johnny decides to play his new networked game.
I said SWITCHED ethernet! Pay attention. Besides, Johnny has his OWN gaming machine (such is the price to pay to keep him off the pr()n server).
11. Repeat steps 9-10 until (A) Johnny doesn't get to play any more or (B) you give up.
Heh, if you can "repeat" enuf times, you can trade the J-button for the real thing.
12. Turn off media adapter.
I suppose, if you must.
13. Shut down computer.
Look, if you're that cheap when it comes to electricity, perhaps you need to look at other priorities besides uber-hacker-coolness.
14. Go to bed.
Nah! Just slam another Dew, dude!
I'll wait for the Apple version, thank you.
It does not look like it supports H/W MPEG2 decoding (stream DVDs from the home server, yum!), nor have component video or DVI output.
Also, wired ethernet would be nice -- if I'm streaming unencrypted DVDs from my server to my TV I want to play nice with the ??AAs (At least to that degree) and not broadcast them to my neighbor.
Still, not a bad start: add a Sigma Designs em8470 H/W MGEG 2/4 decoder, and component or DVI video output, and it starts to look useful.
The types of speech you mention are interesting, but I think it would be useful to ask, "When is speech harmful?" Surely, speech should only be restricted if it can be shown to cause what a reasonable person would consider objective, measurable, harm. That kind of rules out "hurt feelings", but may admit "brainwashing" (which generally includes more than just speech). In these cases, simply hearing the speech may lead to mental illness, that is, the speech itself is the agent of harm. I do think, though, that the burden to prove that such mental illness is brought on by particular speech alone, is a difficult one to bear (as it should be).
Another major kind of speech is that which compels us to act. Under normal circumstances, rational people will think about what they hear or read, and come to their own conclusions as to how they should act. My writing "Kill all Microsoft Windows users!" does not magically cause people to go on a murderous rampage. However, there are situations when one does not have the luxery of considering the speech one has encountered, and if one does not act correctly, one can expect to suffer greater harm than if one did. In such a situation, speech that is likely to cause a reasonable person to act incorrectly, to avoid harm might be best restrained.
The classic example is crying "Fire!" in a crowded theatre. If, indeed, there is a fire, and it is serious, the resulting panic to reach the exits may cause some to be harmed, however, this is likely to be as risky as remaining -- oblivious to the danger at hand. However, if there is no fire, the harm caused by the panic is not warranted. Of course, relative likelihood of harm caused by acting vs. not acting is debatable, but that is why we have courts to decide what "reasonable people" would conclude, when the answer is unclear, and someone acted in a manner that many consider inappropriate.
This discussion has centred on what a "reasonable person" would think. Sadly, supposedly "reasonable people" all too often accept statements, espescially from purported authorities, at face value, not questioning them. Some of these statements may place certain individuals in a bad light -- "He is a child molester", harming their stature in society, with all the problems that brings. Should such speech (obviously I'm talking about libel and slander here) be restrained?
The problem stems from what constitutes a "reasonable person". Courts generally interpret that to mean "average Joe/Jane". Many of us might think that such supposedly "reasonable" people are all too quick to not judge what they hear, and read, and thus controversial speech should be restrained from reaching their ears and eyes, lest their resulting actions and opinions harm others. Alas, this prevent the more enlightned from deciding for themselves of the merits of particular speech because they can never encounter it. I suspect this is the greatest source of tension between those who want prior restraint on certain speech and those who unwaveringly accept the First Amendment in toto, with no if's and's, but's, or notwithstanding's.
I would think that the worst kind of restraint upon speech is that which restrains speech that has redeeming value, even if only to a small subset of the population. Software that permits access to lawfully obtained copyright material, even if this could facilitate copyright violation falls into this catagory. Here, the restraint is actually a cause of harm, where the promulgation would only result in a possibility of harm -- and one that would require at least as much effort as would be expended in the legal and useful application of the software.
So, while it may be possible that some speech might cause harm without having any redeeming value (and that is for the would-be censor to prove), the bar to restrain it should still remain very high, indeed.
Slashdot Mirror
Oh, and it should be obvious, but my original post should have noted "two wires" and not "two pairs" with regard to the DSL line at the demark. Silly me.
Yeah, same here.
I had Internet America install my DSL service. They have a self-install option, with micro-filters and all, but it was not available to me because I was so far from the C.O. (15.6 kft) that I needed a dedicated pair to get any decent bandwidth (I chose the 768kb/s down, 384 kb/s up option) -- They said I could probably get that, via ADSL if I opted to go with a dedicated pair, and, if it didn't work, all charges would be refunded. Rather cool, actually.
Of course, the dedicated pair costs me some US$15 a month from the telco for a total of $81.18 a month, but the service has been great: static IP, no caps, I can run "small" servers and so on. And, while it's no doubt a bridged connection, I do see good download speeds. So I'm happy. None of this "ping is a hacker's tool, the use of which violates the AUP" crap.
Anyway, I receive a Broadxtent bridge in the mail, and a note to schedule an appointment. I mount the bridge in my headend, check the demarc, and lo and behold!, I have two brand new pairs already pulled for the DSL service. So, I schedule the install for the next day. Meanwhile, I figure, "Heck, all I have to do is hook up that pair, cross-connect it to the bridge connection on the right 110 block, and configure my router, and I should be all set." Sure enuf, that's all it took.
So, I call Internet America first thing the next day, and tell them to not bother sending the installer, it's alive, kicking, and showing decent up/down speeds. "But sir, we want to make sure it's installed correctly to avoid a service call." O.K., I can understand this. "Anyway, you paid the $150 installation fee (the telco pair drop portion was unavoidable anyway) -- might as well have the tech stop by." Well, O.K. then.
Tech shows up, looks at my computer, working fine, with an RJ45 cable snaking off (I hadn't finished the drop to that room yet, so I just snaked a cable back to the headend), and asks, "Where's our modem?" "The headend," I reply, "I hadn't installed the drop to this room yet. Follow the ethernet cable."
So, he does, and sure enough, I hear a "Damn! I wouldn'tve done as good a job!" He smiled, we talked shop for about 10 minutes, and that was it.
To their credit, Internet America left my computer alone, gave me a static IP with no fuss, and have provided decent service since. The Broadxtent bridge locks up every few months, but a power-cycle fixes that.
SHHHH!
How many of us must use Microsoft software at work?
What if Microsoft, as part of a security update EULA, added the clause, "users of software affected by this security update are forbidden from contributing to software designed to compete with Microsoft products?"
What then?
Well, aside from RMS getting the legitimate right to go "I told you so!"ing, perhaps an analogy might help:
I produce carbon dioxide via exhalation. Others are permitted to use this carbon dioxide for human breathing (via the use of plants) so long as they do not compete with me for the resources of the Earth, or, in any way, hinder my life. Upon being informed of a violation of this license, it shall be incumbant upon the alleged violator to prove they have not used any of the carbon dioxide I produce.
There, how's that? It can be relatively easily shown that each breath anyone takes is bound to have some molecules of oxygen from the transformation (via a plant) of the carbon dioxide I exhale. I have effectively produced a license that makes everyone in the world my slave.
Would anyone successfully argue that what my body produces is not mine to license at will?
O.K., the analogy isn't perfect (in that one has little choice in being exposed to what I produce), and others could foist the same license on me in retalliation, but the point is that using BitKeeper may taint the production of particularly useful free software, in the same way that the GPL is accused of being "viral".
Use it to maintain the Linux kernel, and perhaps you can't now develop a BitKeeper clone under Linux because of the "pollution".
If anything, license shenanigans like this one are the one thing that justify RMS' concern and disdain for non-free software.
While at Teradyne, I had the pleasure of working with two great contract Sysadmins, both legally blind. They basically did the same thing: huge fonts on a monitor.
Cracking the key box (or display device for that matter), would yield private keys for a single owner's display devices (and thus content encrypted with them). While I suppose these keys could be distributed to other display devices, you'd need to encrypt them with appropriately signed public keys. At the very least this means cracking the key box's private key as well.
Key repudiation mitigates this problem somewhat, but it requires occasional distribution of repudiated keys to key boxes and display devices. I don't like the idea to which this translates: relicensing content via re-certifying key boxes and display devices. I suppose key repudiations could be included in content streams.
However, this presumes the key boxes and display devices can be cracked. There are specialized cryptographic processors that make this difficult: (1) they are pretected from xray, (2) they are protected from physical probing, (3) they destroy cached keys upon extreme temerature or shock conditions suggestive of tampering.
I suppose they still could be cracked, given enough time, effort, and money -- they key is to make this economically unworthwhile: all you get is the ability to decrypt one person's content (which could easily be detected if warezed to any large degree because of the plain text nature of it), and an awkward process for trying to build a key box that can distribute to others, so that other content could be decrypted.
I can imagine a repudiation mechanism built into the content provider's networks: they'd refuse to encrypt with public keys of known cracked boxes.
The downside is that the key boxes would likely be expensive: current equivalents on secure comm cards for PCs run around US$4000 -- but they suffer from not being produced in large quanities.
1. You deploy DRM with little boxes, called "key boxes". They come with their own secret private and public keys of which they expose the latter to secondary key providers. These download those keys to the key boxes, safe in the knowledge that the box knows the key, but the owner of the box doesn't. The key boxes can be trusted because they're public keys are appropriately signed.
These key boxes distribute the private keys they hold to display devices (to a limit), and the public keys to anyone. Private keys can be "returned" from the display device to the key boxes. Appropriately signed public keys create a web of trust all around. Basically, you can receive encrypted content and only display it on approved equipment, but make as many copies as you want.
The key boxes also can hold key pairs where you know the private key, but such keys are useless for protected content because the public keys are not "blessed" by the right signing authorities that the relevant ??AA trusts. Still, they conveniently carry your secure keys for email, etc.
2. The content providers lobby for, and get legislation, to mandate the use of this system. The consumer electronics industry ramps up and leads the charge out of the slump. Conversion boxes are used for legacy analog displays at "reduced" resolution. But, new fangled all-digital secure TVs and speakers start to arrive.
3. Having taken a collective Valium, content provides start releasing content over the net, secure that it can't be redistributed at will. The demand for high-speed internet access heats up, for real this time.
4. People start using these "secret" private keys for email. In the event that such keys get lost, provision is made to permit them to be escrowed for safe keeping in recognized "key banks". Again, a key box can disclose a secret private key to a key bank if the key bank's public key has been properly certified.
The government, of course, to appear to strike "balance" in the call for DRM sets it self up as a key bank that all content providers must trust. People use secret private keys for casual email (because it is now so easy). The government drools over the key escrow by fiat it now has, and boasts that it has "secured the internet" (as most traffic will now be strongly encrypted).
And that's how to save the U.S. economy.
No, it won't satisfy everybody. Yes, the infrastructure build out could probably only be undertaken by government as a "make work" project to get the U.S. out of it's tech depression.
See, I am so valuable to the security of the U.S. They ought to gimme the LC1 Green Card already and let me help them implement this.
The problem with this kind of reasoning is that it is not much different from the argument that if one can kill all but 13 citizens, they can walk on a murder rap: you need a judge, prosecutor, and 12 jurors to convict. More frighteningly, it justifies the apriori killing of everyone else becuase that assures that there will be no one to left to possibly kill one.
See how absurd those arguments are? Yet, they stem from the same line of reasoning. While it is not being taken to that logical conclusion, the reduction in civil liberties we we see today simply represents a compromise in the same kind of absurdity.
The truely sad thing is, I don't think this increases security one iota.
This is an example of a piece of code that does the "right" thing, but for the wrong reasons.
Note: I have no affiliation with Acoustic Visions other than a very satisfied customer.
BTW, I am now a nerd for hire. See here if you're looking -- would accept H1B transfer or TN1, preferably in the Dallas area or relo back to Canada.
...what, you thought I was going to say fish?
They both have to be sufficiently secure, yes. There are well-known anti-tamper techniques that go a long way toward this goal, with reasonable costs that would go down if the technology were widespread. And, I can think of other uses for such a box.
The only advantage I can see over the monitor ships with a key is that if a key gets compromised or a key system gets compromised its somewhat easy to roll out new keys. But at let say $50 per household for a loadup its still not cheap.
Right, people should not suffer because of key loss or have to register all their keys with a national or industruy registry (but even this, for the sole purpose of entertainment equipment and content isn't all that bad as general key escrow). As for the cost of rolling out a new key: how much does it cost to get in your house if you lock yourself out? Similar problem. It's cost X likelihood that matters.
You are missing the point, cryptosystems need the private key to stay private, physical access is a serious threat to private information.
Which is why it is the responsibility of the monitor and or transport box to keep it secure. There are ways to do this involving a web of trust over signed purported public keys. Again, any such mechanism will be at least as secure as any other key-based security mechanism the ??AAs come up with (which, in the absense of alternatives, they will), but much more fair.
So you see what I mean about the monitor makers having to include parts they don't know about from the outside vendor.
What more do they have to know than the operating and interface specifications? In fact the parts can come from multiple sources, manufactured under license. Or, they could form a core VHDL description of circuitry that could be licensed for embedding into a graphics or video DAC chip.
I'd agree your system is fairer but it also requires a great deal of organization.
Yes, no denying that. However, when the ??AAs cry, "We need laws to dicatate THIS to protect our content," we can respond, "No, this does it just as well -- if we are to have laws to protect YOU, they have to be fair to US." I think it is important to have such a response.
Also, don't forget that such an infrastructure can be leveraged for "convenient" secure communication of other kinds of data -- the downside being that your private keys aren't effectively "yours" but are escrowed -- remember that some content could be tagged to be disclosed to the "user" of the private key. The government would love this! And frankly, I'd not care that what I'd ordinarily send as unenencrypted email would be encrypted except from the prying eyes of government -- if I REALLY want to keep something secret I'd use my own key-pairs. The danger is that non-escrowed keys may be deemed illegal, but we've gone down that route and the backlash was significant.
Now money (i.e. subsidy) makes getting people on board easy. But if we start talking $300 or more per consummer for hardware + replacement costs + cost of actual entertainment I'm really not sure it works as a solution.
This is easily done with appropriate legislative pressure (i.e. Congress to ??AAs: "This is the ONLY kind of DRM you can have"), as well as folding it into early adopter costs -- tie it into the new uber-high-definition interactive-content broadcasts and super-DVDs. Think DVDs have interactive menus now? Imagine when they are hyperlinked to on-line content, perhaps P2P services linking you to others who have the same movie and want to discuss it.
The cost of physical copies pales in comparison to this setup.
Like it pales to the (initial) cost of the playback devices (CDs, DVDs, satellite receivers, etc.)? I suppose, but that has not been a deterrent to growing the corresponding nascent markets.
However, what this needs to succeed is value provided to the consumer as well as the content provider. A national security infrastructure, ostensibly for entertainment content copyright protection, that could be leveraged for "secure except from the government" communications (think most mail, and certainly email) would probably get support from three ares:
1. The entertainment industry: Grudgingly, perhaps, but that's all they should fairly get, and a lot more than they have now.
2. Network infrastructure providers: with the floodgates open on legitemate movie downloading, boy with the need for bandwidth go up. (And, sending home videos to Aunt May, while keeping them from prying eyes, would never be easier).
3. Government. Oh, they'd drool over this! Of course, WE would use proper secure communication when we wanted, but what a way to inflict key escrow on the masses? Perhaps that's a cruel view on my part, but Caveat Emptor when it comes to selecting a secure communication scheme.
Why get the computers involved at all?
How else are you going to do this without processing? Of course, I'm thinking of this in the context of embedded processors and not necessarily general purpose computers.
The bottom line is that if the ??AAs want DRM, we can demonstrate a DRM mechanism that's fair, countering their FUD that "it has to be this way to protect our interests" -- no, it can be THIS way, and still protect your purported interests while being fair to us. Utility companies invest billions in infrastructure buildout to keep up with the changing times. It's about time the entertainment industry pony up some bread if it wants to keep up with the times as well. Anyway I don't think either thing happens, as I've commented in another thread; I don't see the MPAA and RIAA lining the entertainment providers for some sort of very generous licensign scheme that would make Palladium popular enough that they could use it. I think they are going to just have to live with unsecure content.
I was not clear, perhaps. Installation of such keys would be from secure "key transport" boxes on which the key pairs would be loaded. The box would securely exchange the private key with trusted counterparts, and the public key to anyone.
This still allows for the box to "get around" to friend's houses, but does not scale to widespread distribution. Yes, another infrastructure requirement.
Remember the customer is who the MPAA is encrypting against.
Exactly why the customer doesn't get the private key -- his equipment, which both he and the content provider trust, does.
I'd agree with you but a proper crytographic system doesn't have to worry about the person you are encrypting against having physical access to the private key.
??? Of course it does! This is just the unusual case of the ultimate content consumer not being the key recipient.
Hardware built into the monitor is less accessable than a harddrive on a computer but there are ways to hack hardware.
And I've shown that there are very secure hardware mechanisms out there. Of course, at some point you do get an analog signal, but (a) casual piracy still gets defeated, and (b) simple possession of decrypted material is criminal -- if it "looks" like a protected movie to s jury, the crime was comitted. Widespread distribution of such material causing a real dent in revenue would also be easy to catch. Right now, plain text movies are easy to hide because there is so much, er, plain text.
The biggest problem is I don't think the MPAA can trust every monitor maker, so that's why they would want the key parts made by a single company.
Yes, and that is not unreasonable.
Even if they could however I'm not sure we'd be just looking at script kiddies here. There are organizations that are angry at hollywood within the United States. There is a 3rd world market which likes american content and corporations there that could organize the research...
Obtaining plain text digital copies and hardening monitors against tamering can be made arbitrarily difficult. And, suprisingly, it does not take much to defeat the casual infringer. The hard-core infringer needs to profit from his operation and is easily uncovered because of his need to cover costs.
In any case, the mechanisms I propose are at least as secure as present DRM reccomendations (I'd argue more so), but a lot more fair and respectful of what consumers want to do with digital content.
If the content providers want to protect their content effectively and fairly, they will have to subsedize the building of the infrastructure that permits this. Unfortunately, the biggest flaw in my approach is that their content can be protected equally securely at much lower cost with negligable infrastructure build-out, but at the expense of the consumer's fair use rights and expectations.
A proper cryptographic system relies only on the secrecy of the private (asymetric) or secret (symentric) key, and not on the encryption algorithm. In this case, each instance of a monitor would either have a unique private key, or the means to securely install one.
You might be able to get them to all agree to bundling decryption hardware they know nothing about but that is going to be hand to organize.
Perhaps, but if Sen. Hollings et. al. get there way they will have to. I'd rather that if that happens, it is something we can live with.
Think about what's required: 1 - A vendor developes a very secure decryption system which is very very cheap
Right now, the manufacturing costs are high for such systems, but some security could be compromised as long as it foils the amateur cracker. The IBM system I alluded to was immune to temperature-related probing, as well as X-Rays, and other techniqus. Probably way overkill. There are secure PKI "keybuttons" available that are inexpensive and offer adequate security for this type of application.
2a - (almost) All the monitor manufactuers agree to bundle on (almost) all monitors (without almost all it doesn't do any good since this is designed for mass communication)
Monitors that do not have this feature can not display encrypted digital content. Actually, there have been efforts undertaken for a non-PKI system similar to this: HDCP (not to be confused with DHCP). As DVI is still rare, folding it in would not be too difficult if mandated.
2b - The new entertainment service is compelling enough to get customers to buy the new monitors
Yes, though back-compatibility can be had with video cards that provide reduced resolution rendering of encrypted content (and permitting analog copying of same). This is the proposed state of HD receivers that should be crippled to 480p based on content flags. I agree that this is a contentious issue.
3 - Everyone agrees to make this the video standard; and customers are able to register as they switch monitors in reasonable ways.
Actually, I envision customers getting personal public and private "entertainment content" key pairs, with the secret private part loadable on a capable monitor. You do need signing authorities set up, and a web of trust, as well as disclosure of the public key to a content provider to encrypt content for you. However, the binding between this and the actual recipient does not have to be any stronger than an email address which can be relatively anonymous.
I just don't see that as likely. I agree though that's its very creative in that it allows the path from the movie company to the monitor to be untrusted; and at the same time offers full features. It also eliminates all the privacy concerns and enhances freedom. Its just that it requires so much to fall into places so quickly..
Yes, the downsides are the necessary infrastructure that it requires and the expense of secure hardware. But, it is the only DRM scenario that has any hope in hell of being fair.
Eh? The ??AAs would merely have to satisfy themselves that the relevent hardware manufacturer kept the private keys secret on the hardware itself. Yes, this does mean serialized hardware, but this need not necessarily be tied to the individual who buys it (though that might be convenient and not unreasonable to know who the licenses of copyright content were).
The result is you couldn't keep enough information secret and software decrypters would soon exist.
I don't follow. Xing's messup notwithstanding, the DVD CCA did a pretty good job of keeping CSS secret until it was reverse engineered. The kind of hardware I envision would make reverse engineering notoriously difficult. I'm thinking of the kind of stuff used in ATMs that IBM makes and who's particular model/product number escapes me at the moment. Of course, these things cost about US$4000 at the moment, but mass production would bring that down.
Think about it this way how is the internet site to tell the difference between a real public key from the monitor and a fake without knowing a lot of information about how the public keys are generated?
The same way your browser verifies that a remote site is who they claim to be: the monitor's public key is signed by a signing authority trusted by the content provider, or several signing authorities, for that matter. This all happens when the monitor is manufactured.
If the service know that information then I do too and can generate a fake key from software.
Er, no. You wouldn't be able to sign the key appropriately. This is the same issue that makes self-signed SSL certificates result in a warning window popping up in a web browser: the browser knows of a few signing authorities and won't recognize a self-signed certificate unless told to.
If they don't know it then they can't tell if any key is real or fake.
Surprisingly, they can. See above.
You are right about one thing: this can't be done in software that the computer owner has access to, for all the reasons you mention. But, software that is so priveleged to have that kind of control of your hardware is precisely the software that you do want to have source to. Of course, locking the user out of her CPU is easier than making secure communucation paths from content provider to monitor: you don't need a whole trust infrastructure set up to do it.
Now, I can envision a "trusted computing" processor which loads encrypted instructions into an on-chip cache, decrypts them and checks their signature. But, precisely because this wrests control from the owner of the processor, the CPU priveleges with which such code could execute would have to be minimal indeed, or at least gated by something like Sun's Java security model (i.e. this code, singned by Microsoft, wants to access this part of the PCI bus (video card)). It's possible, but neither cheap, nor easy.
Oh sure, but the whole idea of using dedicated hardware is that it can contain a secure private key. The public key is used to encrypt specifically for that hardware (in the monitor or at least video card). If this is done in software, exposing them private key is far too easy. Some complexity arises when you have multiple display devices, or wish to replace a broken one, but this can be handled by a secure means of installing a common private key (which is assigned to you and for which you have the public key but not the private key) on all of them
Further using a dubugger its easy to see how the information is being decrypted and release an unprotected version of the data.
This is exactly why you want to do this in secure hardware and not software, i.e. on the video card or more likely digital monitor. One can always get a lower resulution analog copy at some level of fidelity, but if no such things should exist and end up being rampantly distributed, simply demonstration possession of such a thing would be incriminating.
However, the present impending applications for DRM certainly appear evil from a tradtional fair use perspective, you know, "copy for yourself but please don't redisribute" (yes, the legal definition of fair use is more tortuous, and "common sense fair use" might not qualify, but it damn well should). Part of the difficulty stems from a desire to control the user's computer, lock, stock, and barrel; or not at all, which will increasingly become impractical.
Remember Sun's ideas about "write once, run anywhere?", "sandboxes", and "trusted executable content"? That's what DRM should look like (well, except the "write once, debug everywhere" part):
DRM is a technology that, with hardware assistance, assures remote parties that their data is used in the manner intended while permitting the local "processing environment provider" (i.e. owner of the equipment on which it runs), to control third-party executable code. Microsoft's approach would remove that control.
If the primary motivation is protection of content, then that content can be keyed to display hardware, with reduced resolution permitted for extracts for purposes of parody or criticism. Where full-resolution extracts are necessary, a list of extracts can reference a public "library" copy, necessary for copyright to be granted in the first place (much like patent disclosure and unlike the present copyright system). The issue then reduces to one of key management between and among the various pieces of digital hardware one owns (you don't want to relicense something because your TV breaks or to watch it on a different TV you bought).
Executable code is a bit more problematic, since now one wants to control the execution environment provider's processor -- in general unknown third-party code should run in a restricted sandbox, the restrictions depending on how much that code provider is trusted. Sun got this right. This makes sense: how can you fully trust third-party code that you can't check for lack of source? It also means that DRM supporting code must be open, and preferrably free in the GPL sense. Microsoft just addresses the flip side: how can we trust that your processor will execute our code as intended, which is not an unreasonable concern, though not as pressing as protecting copyright content.
To some extent, the need for a "trusted computing platform" is reduced if the decryption if protected content is done in specialized hardware: the hardware is the trusted platform for decrypting that content, and is acceptable to the computer owner as well because it is severely restricted in what it can do -- I have yet to see a video card format a hard drive or "phone home" and report one's viewing habits (not that such a thing couldn't be built, but it would be clearly out of bounds for a video card to do that.
Trusted operating systems are problematic because this is the most important area where the computer owner, not a content provider, should be in control: getting such an O/S signed would be difficult due to the sheer number of user-patched varients, and ineffective, in case of a security flaw in the O/S itself. (Even Microsoft would not be immune from this risk: a trusted O/S might still be vulnerable to security-related bugs within it).
So, while third-party trust of your execution of their code might involve relinquishing control of your computer, if the only justification for this is content copyright protection, there are other ways to achieve that goal via dedicated PKI-enabled display hardware dedicated to the task. The only legitimate need for this kind of third-party control is for distributed client-server applications (think SETI, multi-user online games, etc.). Let's deal with content first and hold off on "trusted computing" until it's clear that that kind of trust has to extend both ways.
Yeah. I came away with the feeling that XML is the Cobol of the new millenium strongly reinforced. If anything, XML should be the source code for what actually gets exchanged in a machine-agnostic fashion (anyone remember XDR?).
Braised Ox Penis is actually a delicacy in some parts of the world.
What is that supposed to mean? That Concordia was a poor university (McGill didn't have a Computer Science program at the time)? Or that they were just "different". If so, did the difference extend to all universities within Quebec (which would not surprise me)?
If you want to insult my alma mater, feel free -- I have a thick skin (and presently live in Texas, where nothing brings out the old 12ga faster than an insult).
When I received my B.Comp.Sc. (honours), if I wanted a math degree on top of it, I'd have to spend another three years at it, and it would have been difficult since many of the required math courses already counted toward my honours specialization (basically ALL four minors at the same time: math, biz, engr., and "pure"). Of course, the specialization should not be confused with graduating "with honours" (i.e. magna or summa cum laude) as that was ALREADY a requirement to get the defree conferred.
In my case, I ended up continuing toward a M.Comp.Sc. graduate degree, and stopped short of the Ph.D. because then I'd be over-qualified for anything other than a teaching position (which I did not want).
It's late, my spelling sukz, and I'm going home.
1. Turn on.
Get universal remote for TV/STB and turn both on and select the STB as TV input. Maybe turn on A/V [5|6|7].1 A/V receiver too. Perhaps user has a fancy remote with macros to do this with one button.
2. Select media.
Browse for media like one would a channel guide, with a web-like interface on the TV, perhaps.
3. Push play.
Click on desired program.
What this idea would look like:
1. Turn on "media adapter"
O.K., we've done that.
2. Walk across the house to where the computer is.
Whatever for?
3. Boot computer. Wait 5 minutes for boot.
Why? The home media server should be burried away somewhere, in a closet, or basement, or utility room, or something -- always on. It's prolly sinking your email and scraping TV channel lineups as well.
4. Walk back to living room.
Not necessary. See 3 above.
5. Find remote for media adapter.
If ya dinna hafta go nowhere, how could you have lost the darned thing? O.K. O.K. TVs should have a button that makes the remote go "beep".
6. Browse through dozens of menus and file systems to locate content
Er, kinda like a satellite channel menu? Maybe better organized. Maybe we can have several "favorites" buttons on the remote, you know, "B" for Britney Spears video, and "J" for Jenna Jamison pr()n. [Note to self: remember to implement mod_parental for Apache]. Seriously, though, I can imagine third-party installable sites and skins for organizing stuff like this on the web server sitting inside the media server.
7. Computer crashes. Repeat steps 2-6.
What part of "Thou shalt not run a Microsoft O/S" didn't you get in hacker-wannabe school?
8. Push play.
Heck, by this time the geek is already groping around for something to clean his mess up with, having pushed the "J" favorites button.
9. Wait for content to buffer.
Repeat after me: s-t-r-e-a-m-i-n-g---v-i-d-e-o, not to mention the nice, fact, predictible 100 Mb/s switched ethernet ya got. 802.11b would leave old Jenna'Ho as jerky as..., well never mind. Besides, you really don't want all the local geeky teens in your front yard, with their laptops, drooling, or worse.
10. Little Johnny decides to play his new networked game.
I said SWITCHED ethernet! Pay attention. Besides, Johnny has his OWN gaming machine (such is the price to pay to keep him off the pr()n server).
11. Repeat steps 9-10 until (A) Johnny doesn't get to play any more or (B) you give up.
Heh, if you can "repeat" enuf times, you can trade the J-button for the real thing.
12. Turn off media adapter.
I suppose, if you must.
13. Shut down computer.
Look, if you're that cheap when it comes to electricity, perhaps you need to look at other priorities besides uber-hacker-coolness.
14. Go to bed.
Nah! Just slam another Dew, dude! I'll wait for the Apple version, thank you.
Also, wired ethernet would be nice -- if I'm streaming unencrypted DVDs from my server to my TV I want to play nice with the ??AAs (At least to that degree) and not broadcast them to my neighbor.
Still, not a bad start: add a Sigma Designs em8470 H/W MGEG 2/4 decoder, and component or DVI video output, and it starts to look useful.
Another major kind of speech is that which compels us to act. Under normal circumstances, rational people will think about what they hear or read, and come to their own conclusions as to how they should act. My writing "Kill all Microsoft Windows users!" does not magically cause people to go on a murderous rampage. However, there are situations when one does not have the luxery of considering the speech one has encountered, and if one does not act correctly, one can expect to suffer greater harm than if one did. In such a situation, speech that is likely to cause a reasonable person to act incorrectly, to avoid harm might be best restrained.
The classic example is crying "Fire!" in a crowded theatre. If, indeed, there is a fire, and it is serious, the resulting panic to reach the exits may cause some to be harmed, however, this is likely to be as risky as remaining -- oblivious to the danger at hand. However, if there is no fire, the harm caused by the panic is not warranted. Of course, relative likelihood of harm caused by acting vs. not acting is debatable, but that is why we have courts to decide what "reasonable people" would conclude, when the answer is unclear, and someone acted in a manner that many consider inappropriate.
This discussion has centred on what a "reasonable person" would think. Sadly, supposedly "reasonable people" all too often accept statements, espescially from purported authorities, at face value, not questioning them. Some of these statements may place certain individuals in a bad light -- "He is a child molester", harming their stature in society, with all the problems that brings. Should such speech (obviously I'm talking about libel and slander here) be restrained?
The problem stems from what constitutes a "reasonable person". Courts generally interpret that to mean "average Joe/Jane". Many of us might think that such supposedly "reasonable" people are all too quick to not judge what they hear, and read, and thus controversial speech should be restrained from reaching their ears and eyes, lest their resulting actions and opinions harm others. Alas, this prevent the more enlightned from deciding for themselves of the merits of particular speech because they can never encounter it. I suspect this is the greatest source of tension between those who want prior restraint on certain speech and those who unwaveringly accept the First Amendment in toto, with no if's and's, but's, or notwithstanding's.
I would think that the worst kind of restraint upon speech is that which restrains speech that has redeeming value, even if only to a small subset of the population. Software that permits access to lawfully obtained copyright material, even if this could facilitate copyright violation falls into this catagory. Here, the restraint is actually a cause of harm, where the promulgation would only result in a possibility of harm -- and one that would require at least as much effort as would be expended in the legal and useful application of the software.
So, while it may be possible that some speech might cause harm without having any redeeming value (and that is for the would-be censor to prove), the bar to restrain it should still remain very high, indeed.