1> Content must be considered "innocent until proven guilty" with regard to DRM - a file should pass unless it has been tagged in some way.
2> Anonymous speech must be possible.
Otherwise, along with DRM, you get to kiss a bunch of your first amendment rights away too.
DRM systems, perhaps like Palladium, may require a digital certificate to be able to create content: you sign that the work is yours and does not infringe copyright, then post.
That system kills anonymity.
Similarly, systems which require a work is signed before allowing it to be used kill the public domain, and could certainly be used to censor the internet by simply pulling the certificates for any work that people in power do not want to be seen.
Remember: 90+% of the fiber is owned by five companies: content filtering on the wire is possible.
Re:American media companies are scared of interact
on
Net-Nexus Seoul
·
· Score: 2
"Sure I want to be the biggest telecom company in the world, but it's just a commodity. I want to be able to form opinion.
By controlling the pipe, you can eventually get control of the content."
-IDT chairman Howard Jonas
(IDT is an enormous Telco).
Evidence of this point of view (great quote)
on
Net-Nexus Seoul
·
· Score: 1, Redundant
"Sure I want to be the biggest telecom company in the world, but it's just a commodity. I want to be able to form opinion.
By controlling the pipe, you can eventually get control of the content."
- IDT chairman Howard Jonas
Re:It's called Leapfrogging.
on
Net-Nexus Seoul
·
· Score: 2
Yeah, well, the system worked very differently in the sixties and the seventies: the specification for the Blackbird was a single sheet of paper, as opposed to the specification for the C130 which filled six crates.
Congressional pork pretty much destroyed what was once an incredibly efficient military production system.
It's called Leapfrogging.
on
Net-Nexus Seoul
·
· Score: 3, Informative
Later adopters of the technology, rather than sinking their Bux and building their models on the first, shitty generation of the technology, get the good stuff and then surpass the creators of the form.
China, for example, has skipped landlines for phone service in a lot of areas, and gone straight to mobiles.
We're going to see a lot more of this in the next decades, while America drowns under the weight of it's enormous, wasteful military budget (I'm not against a strong America, but I have worked for defense contractors and know the score here) and it's completely outdated model of global politics.
So why no Napster server on Sealand?
on
HavenCo Doing Well
·
· Score: 2, Interesting
Screw all of this decentralized indexing nonsense: just put the napster server on there, but still let the files live where they will.
You want to publish a file. 2> Your system generates a public-private key pair for that file. This is *slow* because it's a big key. 3> Your sign the file. (actually, the hash of the file) 4> Optionally, you generate additional keys and re-sign the file. 5> You keep one or more of these keys. Not the first few, though, because that would identify you as the first person to sign this file. 6> You release the file on to the network.
When somebody downloads the file, if it's kosher, they: 1> Generate a key for the file. 2> Add the key they just generated to the file, sign the file, and every signature on the file. 3> Make a file, with all of the other signatures they signed, available to the machine you just downloaded the file from and to the network in general.
When you're searching for a file, you: 1> Find a file you think meets the search criteria you have. 2> Search the network for signature files for that file. 3> Down load them and check how many valid signatures the file has before you download it.
Now, here's the clever bit: when somebody asks you to download a file, you ask them for signatures: "Show me a file which contains a list of signatures to a key which you hold the private key for (i.e. x signed by y signed by z signed by x).
Each host answers download requests in a "most-signatures-first" format, and **never** honors the same signature file twice.
So, where does this take us? 1> Signatures simply attest that a file is what it says it is. Because the first N signatures are from keys you throw away, there is no evidence you uploaded the file.
2> Reputation is built on having signed a file which is what it says it is. Reputation is *diffuse* - because I sign every file with a different key, each act is atomic: I can't transfer rep. from one file to another.
3> You have to search for your credentials on the network, just like anything else: but only you can use them.
4> Fraud is quite possible: you can generate an endless number of keys and use them to garbage-sign files and propagate junk. However, and this is the key: can the RIAA afford to muster enough computing power to fight against a million hosts?
That's the key: reputation of a given file directly relates to the amount of computer power spent signing it.
You get a benefit from investing that power: first access to files on other machines.
They don't get any benefit at all: it's just a cost, and there are a lot more of us than them.
Finally, reputation is based not on making files available, but on reviewing them, which is clearly legal if you don't make the file available for download too - hence "third party review" becomes a way of building "karma" for the downloads you want.
Management of microcredit loan systems Microcredit loans (of a few tens of dollars, repayable by a group rather than an individual) are rapidly turning into a key aid strategy, but finding people to run the schemes and do evaluations for who should get the loans is difficult. A simputer application could help with data and loan application gathering, and keeping track of repayments. You'd essentially run the local microcredit loan office on one, or perhaps have a traveling bank officer.
Medical expert systems Have been proven to improve medical diagnosis in trained doctors by respectable margins. Even a simple database with appropriate treatment instructions for, say, the 100 most common ailments in the region the machine is in, plus some first aid, could really make a difference. Particularly if it had a preventative medicine bias.
Useful Science Education People do not know what they do not know. A simputer app which contained a basic science and appropriate technology education (concepts like germ theory, designs for things like fuel efficient cooking stoves), which people could query easilly, could be very useful.
Email Dumb as it may sound. Just wait for the "Help, I'm 9 years old, live in Andhar Pradesh, and my family is starving because the harvest failed again. Please do something" emails to begin. More seriously, with email, and a little time, we could see things like pairing of western high-schools with third world villages - they have a question, the highschoolers find the answer for them and email it back.
Trade Similarly, trade becomes possible once you have information, financial structures and transport of goods (and, perhaps, rule of law). There are a lot of skilled crafts people in India - wouldn't you like to be able to order custom-made clothes or furniture for a fraction of what it would cost for generica at the Gap or Ikea? Just amortize the shipping costs (by the container, of course) across a large enough set of trades and this begins to make sense.
Mapping One problem in governing places like India, even in the most basic distribution of help to the poor, is inaccurate or incomplete data about what is going on in the field. If we do end up with a simputer per village at some point in the future, and people log events on the box, mining that data stream may tell us how to help ten times more effectively than before. It may also help the poor organize: PeasantDot.Org - where the rural poor get together to help each other out.
Microelectonics is the only thing I know of which has a sustainable exponential curve anywhere in it's makeup. If we can figure out how to make our current computer technology help the poor a little, as prices drop and the gear gets better, it will help a lot more. Fifteen years down the line, it helps hundreds of times as much, if the mapping from (price per transistor) to (human benefit) holds.
Even if it doesn't, making what we're really good at help the people with nothing makes a lot of sense.
Simputer cost. (vs, say, Palm), and applications.
on
Get Ready For The Simputer
·
· Score: 3, Interesting
Partly, this is the first production run: probably half the run will go to aid agencies for evaluations;-)
Once they get economies of scale going, cost will drop quickly - and in any case the cost of all micro-electronics manufacturing is constantly dropping (except for Apple's LCDs it seems;-)
Plus, we're talking about a one-per-village item, not an individual use device, which is why it takes smart cards. Think of expert systems for microcredit loans, medical diagnosis, first aid, farming and the like - deployed with a voice interface in the back of beyond.
Seriously: the fall-off for technical competence among the general population is at least exponential - remember that half of the world doesn't even have telephones, a lot of people are older and unused to modern gadgets, and so on.
Only a tiny fraction of folks are young at heart enough to enjoy novelty in their everyday objects, and the rest just want the bloody thing to work.
I agree. We should figure out what "fixed" looks like before we end up with a proprietary, patent-bound solution from the Ogre of Redmond.
Not that I wouldn't be worried if Sun were behind this, but we've seen the M$ approach to open systems too often to take this as anything other than a direct threat to the availability of OS-neutral hardware and potentially to the viability of open source all together.
Certainly a nice toy, yeah, much like any other stego app.
But, what's the practical application? Surely traffic analysis makes stuff like this pretty lame for routine use? Yes, you can hide one message, or a few, but how do you have a conversation using this kind of technology and not stick out for emailing huge JPEGs back and forth?
What do you do? Have a competition to photoshop images? Run a porn site?
I'm just not convinced this is the way to go for real applications.
So yeah, of course you moron, things change. But Palladium doesn't change that one or antoher.
Erm... bullshit. Read some Lessig - Palladium is an architecture - it changes what is possible.
If DRM is mandated, but manufacturers can't or won't produce DRM compliant systems, the law will fail. If there is an eager, gloating manufacturer's alliance, all ready to go... think of the commercial pressure...
It's an attempt to abolish competition, curtail freedom of speech and hand over the domestic computer industry to a select few players; you may be lulled into thinking "oh, it's just some crypto hardware for making sure unsigned code can't run" but in the long run (which you seem to be so blind to) it matters.
You can't legislate the impossible: Palladium makes it possible, which makes legislation mandating it or an equivalent system all the more likely. By changing the landscape of potential, you can change the landscape of the actual.
We both know that a general purpose computer cannot be made secure for DRM purposes - somebody can write a program which copies files at an arbitrarily low level and defeats your DRM features.
If the government mandates DRM on computers, M$ simply locks Palladium down so that code which has not been signed DRM-OK will not run, claims compliance, and its all over.
CODE DOES NOT HAVE TO BE SIGNED BY MICROSOFT TO RUN.
TODAY code does not have to be signed by Microsoft to run.
TODAY.
Do you get it? How long, given the continued moves to foist DRM on us, do you think it will be until all code requires a "DRM-OK" signature to run? The potential for new law changes the light in which this technology must be seen, and you're being an ahistorical dimwit by talking about the present as if it protects you from the future.
Yes. You just won't be able to use the Palladium features of the processor, this has already been discussed previously.
However, with things like SCCCA and CBDTPA recurring every few years, don't you think you're being a bit naive?
2> Run Gnutella?
I don't see why not. But now you'd actually be able to use it for legitimate file-sharing rather than pirating MP3's and other programs, because the content of the musicians would be protected..wait, you don't pirate things do you?
I do see why not: who said that M$ *had* to give a certificate to anything? Five years after this sucker is adopted, how much do you think it is going to cost to get Microsoft to sign a piece of software? $500? $5000? $5,000,000?
3> Run Freenet?
That would kind of mean that Microsoft would have to use the chip to block a Java VM from running, and I don't really think Sun would like that..I'm guessing that didn't cross your mind.
Java? Big, big security hole there for DRM applications. Hell, interpreted languages pose a big risk:
10 INPUT $A 20 PRINT $A
being a perfectly functional DRM circumvention device, and all.
Sorry, but I don't think you're seeing the big picture, politics and culture included it's pretty obvious at Palladium is a Very Bad Thing, even if technically it looks OK at some levels.
We're seeing the thin edge of the wedge, don't forget that.
This is all about restricting your right to choose what you want to do: do you think for one moment that Palladium-disabled computers will:
1> Run Linux? 2> Run Gnutella? 3> Run Freenet?
Suppose that some form of software gets up the Government's nose, say GPG. Pull the certificates for that software, and *boof*, it's gone.
This application fully embraces the centralizing possibilities of public key encryption: control flows up to the top of the pyramid, just like X509 certificates have a chain of authority: validity is drawn from authority. For X509, the Head Honcho is Verisign, and we know how responsible and responsive they are.
The other possibility is GPG's trust model, or SPKI, which embrace bottom-up authority and allow you to pick who you trust: we already have code signing for many applications - MD5 checksums PGP-signed by the authors of the software, common for GPG distributions and many other things.
It's not about the basic technology, but about who is in charge of it.
Oh, just re-read: for packet-level stuff, you probably need a new file transfer trick: files divided up into packets **BEFORE** signing, so the packets are signed.
You can't produce a copy for "general use" without a certificate issued by a CA like VeriSign. This required an arbitrarily large amount of cash, and strong identification when you obtain the cert.
The filtering would be done by the backbone providers. First time you see a new file, check it's certificate. Store the ID of the cert and a simple, fast (i.e. could-be-done-in-hardware) checksum. Now, when you see files on the wire, look up the checksum vs. your tables, and make sure it's OK.
Ugly? Sure.
But doable?
Certainly.
Unfortunately, the implications for civil liberties and freedom of speech are **extreme**.
I don't think that this is inevitable, by the way, but I do think that unless we're very capable and fast, there is no doubt we are going to end up with a solution like this or even worse.
Uhhuh... your PKI (public key infrastructure) comes back to bite you in the ass: you need to sign up for a certificate to create content ($$$ big bucks) for distribution, then sign everything, specifying that you're a valid copyright holder for this work.
You put warez up, they cancel your key.
Oh, and did I mention probable per-issued-file fees?
Wait and see, but I think it's a matter of time if we don't act to prevent this.
THESE MOFOS ARE GOING TO TRY AND DO THIS TO THE ENTIRE INTERNET
Filtering of all content, on the backbone, to remove anything without DRM flags indicating it's OK to transmit is both technically feasible and completely coherent with increasing government demands to be back in control of the internet.
Welcome to the future of the internet: we call it television, and we'll tell you what you can see!
Slashdot Mirror
"You have 19 years to do something about a 2km rock headed for Washington. Go!"
Nothing like a crisis to focus the mind, eh?
1> Content must be considered "innocent until proven guilty" with regard to DRM - a file should pass unless it has been tagged in some way.
2> Anonymous speech must be possible.
Otherwise, along with DRM, you get to kiss a bunch of your first amendment rights away too.
DRM systems, perhaps like Palladium, may require a digital certificate to be able to create content: you sign that the work is yours and does not infringe copyright, then post.
That system kills anonymity.
Similarly, systems which require a work is signed before allowing it to be used kill the public domain, and could certainly be used to censor the internet by simply pulling the certificates for any work that people in power do not want to be seen.
Remember: 90+% of the fiber is owned by five companies: content filtering on the wire is possible.
"Sure I want to be the biggest telecom company in the world, but it's just a commodity. I want to be able to form opinion.
By controlling the pipe, you can eventually get control of the content."
-IDT chairman Howard Jonas
(IDT is an enormous Telco).
"Sure I want to be the biggest telecom company in the world, but it's just a commodity. I want to be able to form opinion.
By controlling the pipe, you can eventually get control of the content."
- IDT chairman Howard Jonas
Yeah, well, the system worked very differently in the sixties and the seventies: the specification for the Blackbird was a single sheet of paper, as opposed to the specification for the C130 which filled six crates.
Congressional pork pretty much destroyed what was once an incredibly efficient military production system.
Later adopters of the technology, rather than sinking their Bux and building their models on the first, shitty generation of the technology, get the good stuff and then surpass the creators of the form.
China, for example, has skipped landlines for phone service in a lot of areas, and gone straight to mobiles.
We're going to see a lot more of this in the next decades, while America drowns under the weight of it's enormous, wasteful military budget (I'm not against a strong America, but I have worked for defense contractors and know the score here) and it's completely outdated model of global politics.
Screw all of this decentralized indexing nonsense: just put the napster server on there, but still let the files live where they will.
You want to publish a file.
2> Your system generates a public-private key pair for that file. This is *slow* because it's a big key.
3> Your sign the file. (actually, the hash of the file)
4> Optionally, you generate additional keys and re-sign the file.
5> You keep one or more of these keys. Not the first few, though, because that would identify you as the first person to sign this file.
6> You release the file on to the network.
When somebody downloads the file, if it's kosher, they:
1> Generate a key for the file.
2> Add the key they just generated to the file, sign the file, and every signature on the file.
3> Make a file, with all of the other signatures they signed, available to the machine you just downloaded the file from and to the network in general.
When you're searching for a file, you:
1> Find a file you think meets the search criteria you have.
2> Search the network for signature files for that file.
3> Down load them and check how many valid signatures the file has before you download it.
Now, here's the clever bit: when somebody asks you to download a file, you ask them for signatures: "Show me a file which contains a list of signatures to a key which you hold the private key for (i.e. x signed by y signed by z signed by x).
Each host answers download requests in a "most-signatures-first" format, and **never** honors the same signature file twice.
So, where does this take us?
1> Signatures simply attest that a file is what it says it is. Because the first N signatures are from keys you throw away, there is no evidence you uploaded the file.
2> Reputation is built on having signed a file which is what it says it is. Reputation is *diffuse* - because I sign every file with a different key, each act is atomic: I can't transfer rep. from one file to another.
3> You have to search for your credentials on the network, just like anything else: but only you can use them.
4> Fraud is quite possible: you can generate an endless number of keys and use them to garbage-sign files and propagate junk. However, and this is the key: can the RIAA afford to muster enough computing power to fight against a million hosts?
That's the key: reputation of a given file directly relates to the amount of computer power spent signing it.
You get a benefit from investing that power: first access to files on other machines.
They don't get any benefit at all: it's just a cost, and there are a lot more of us than them.
Finally, reputation is based not on making files available, but on reviewing them, which is clearly legal if you don't make the file available for download too - hence "third party review" becomes a way of building "karma" for the downloads you want.
That's clearly a desirable trait in a P2P system.
For the banking app it allows some centralization of function, and up/downloading results from head office. Worthwhile.
For the medical app: they can't read.
- Management of microcredit loan systems
- Medical expert systems
- Useful Science Education
- Email
- Trade
- Mapping
Microelectonics is the only thing I know of which has a sustainable exponential curve anywhere in it's makeup. If we can figure out how to make our current computer technology help the poor a little, as prices drop and the gear gets better, it will help a lot more. Fifteen years down the line, it helps hundreds of times as much, if the mapping from (price per transistor) to (human benefit) holds.Microcredit loans (of a few tens of dollars, repayable by a group rather than an individual) are rapidly turning into a key aid strategy, but finding people to run the schemes and do evaluations for who should get the loans is difficult. A simputer application could help with data and loan application gathering, and keeping track of repayments. You'd essentially run the local microcredit loan office on one, or perhaps have a traveling bank officer.
Have been proven to improve medical diagnosis in trained doctors by respectable margins. Even a simple database with appropriate treatment instructions for, say, the 100 most common ailments in the region the machine is in, plus some first aid, could really make a difference. Particularly if it had a preventative medicine bias.
People do not know what they do not know. A simputer app which contained a basic science and appropriate technology education (concepts like germ theory, designs for things like fuel efficient cooking stoves), which people could query easilly, could be very useful.
Dumb as it may sound. Just wait for the "Help, I'm 9 years old, live in Andhar Pradesh, and my family is starving because the harvest failed again. Please do something" emails to begin.
More seriously, with email, and a little time, we could see things like pairing of western high-schools with third world villages - they have a question, the highschoolers find the answer for them and email it back.
Similarly, trade becomes possible once you have information, financial structures and transport of goods (and, perhaps, rule of law). There are a lot of skilled crafts people in India - wouldn't you like to be able to order custom-made clothes or furniture for a fraction of what it would cost for generica at the Gap or Ikea?
Just amortize the shipping costs (by the container, of course) across a large enough set of trades and this begins to make sense.
One problem in governing places like India, even in the most basic distribution of help to the poor, is inaccurate or incomplete data about what is going on in the field. If we do end up with a simputer per village at some point in the future, and people log events on the box, mining that data stream may tell us how to help ten times more effectively than before.
It may also help the poor organize: PeasantDot.Org - where the rural poor get together to help each other out.
Even if it doesn't, making what we're really good at help the people with nothing makes a lot of sense.
Partly, this is the first production run: probably half the run will go to aid agencies for evaluations ;-)
;-)
Once they get economies of scale going, cost will drop quickly - and in any case the cost of all micro-electronics manufacturing is constantly dropping (except for Apple's LCDs it seems
Plus, we're talking about a one-per-village item, not an individual use device, which is why it takes smart cards. Think of expert systems for microcredit loans, medical diagnosis, first aid, farming and the like - deployed with a voice interface in the back of beyond.
It's early stages yet, but give it time.
Seriously: the fall-off for technical competence among the general population is at least exponential - remember that half of the world doesn't even have telephones, a lot of people are older and unused to modern gadgets, and so on.
Only a tiny fraction of folks are young at heart enough to enjoy novelty in their everyday objects, and the rest just want the bloody thing to work.
We need the larger DRM debate. That is important.
I agree. We should figure out what "fixed" looks like before we end up with a proprietary, patent-bound solution from the Ogre of Redmond.
Not that I wouldn't be worried if Sun were behind this, but we've seen the M$ approach to open systems too often to take this as anything other than a direct threat to the availability of OS-neutral hardware and potentially to the viability of open source all together.
Palladium changes a lot: the major chip manufacturers and M$ in an alliance to make DRM a reasonable technical and legal reality.
I'd say that's news.
And nobody is talking about control of the world: only restriction of the freedoms we've grown used to on the internet.
Certainly a nice toy, yeah, much like any other stego app.
But, what's the practical application? Surely traffic analysis makes stuff like this pretty lame for routine use? Yes, you can hide one message, or a few, but how do you have a conversation using this kind of technology and not stick out for emailing huge JPEGs back and forth?
What do you do? Have a competition to photoshop images? Run a porn site?
I'm just not convinced this is the way to go for real applications.
So yeah, of course you moron, things change. But Palladium doesn't change that one or antoher.
Erm... bullshit. Read some Lessig - Palladium is an architecture - it changes what is possible.
If DRM is mandated, but manufacturers can't or won't produce DRM compliant systems, the law will fail. If there is an eager, gloating manufacturer's alliance, all ready to go... think of the commercial pressure...
It's an attempt to abolish competition, curtail freedom of speech and hand over the domestic computer industry to a select few players; you may be lulled into thinking "oh, it's just some crypto hardware for making sure unsigned code can't run" but in the long run (which you seem to be so blind to) it matters.
You can't legislate the impossible: Palladium makes it possible, which makes legislation mandating it or an equivalent system all the more likely. By changing the landscape of potential, you can change the landscape of the actual.
Re-read my post, dimwit.
Things change. Today, the user decides. Tomorrow, it may be the Feds, or Micro$oft, or somebody else entirely.
You act as if the policies can't be changed once the architecture exists, and that is why I call you stupid.
Ok, Sparkey, let's zoom back a little:
DRM is a what.
Palladium is a how.
We both know that a general purpose computer cannot be made secure for DRM purposes - somebody can write a program which copies files at an arbitrarily low level and defeats your DRM features.
If the government mandates DRM on computers, M$ simply locks Palladium down so that code which has not been signed DRM-OK will not run, claims compliance, and its all over.
What part of this don't you understand?
CODE DOES NOT HAVE TO BE SIGNED BY MICROSOFT TO RUN.
TODAY code does not have to be signed by Microsoft to run.
TODAY.
Do you get it? How long, given the continued moves to foist DRM on us, do you think it will be until all code requires a "DRM-OK" signature to run? The potential for new law changes the light in which this technology must be seen, and you're being an ahistorical dimwit by talking about the present as if it protects you from the future.
1> Run Linux?
Yes. You just won't be able to use the Palladium features of the processor, this has already been discussed previously.
However, with things like SCCCA and CBDTPA recurring every few years, don't you think you're being a bit naive?
2> Run Gnutella?
I don't see why not. But now you'd actually be able to use it for legitimate file-sharing rather than pirating MP3's and other programs, because the content of the musicians would be protected..wait, you don't pirate things do you?
I do see why not: who said that M$ *had* to give a certificate to anything? Five years after this sucker is adopted, how much do you think it is going to cost to get Microsoft to sign a piece of software? $500? $5000? $5,000,000?
3> Run Freenet?
That would kind of mean that Microsoft would have to use the chip to block a Java VM from running, and I don't really think Sun would like that..I'm guessing that didn't cross your mind.
Java? Big, big security hole there for DRM applications. Hell, interpreted languages pose a big risk:
10 INPUT $A
20 PRINT $A
being a perfectly functional DRM circumvention device, and all.
Sorry, but I don't think you're seeing the big picture, politics and culture included it's pretty obvious at Palladium is a Very Bad Thing, even if technically it looks OK at some levels.
We're seeing the thin edge of the wedge, don't forget that.
This is all about restricting your right to choose what you want to do: do you think for one moment that Palladium-disabled computers will:
1> Run Linux?
2> Run Gnutella?
3> Run Freenet?
Suppose that some form of software gets up the Government's nose, say GPG. Pull the certificates for that software, and *boof*, it's gone.
This application fully embraces the centralizing possibilities of public key encryption: control flows up to the top of the pyramid, just like X509 certificates have a chain of authority: validity is drawn from authority. For X509, the Head Honcho is Verisign, and we know how responsible and responsive they are.
The other possibility is GPG's trust model, or SPKI, which embrace bottom-up authority and allow you to pick who you trust: we already have code signing for many applications - MD5 checksums PGP-signed by the authors of the software, common for GPG distributions and many other things.
It's not about the basic technology, but about who is in charge of it.
Oh, just re-read: for packet-level stuff, you probably need a new file transfer trick: files divided up into packets **BEFORE** signing, so the packets are signed.
Hard, I agree.
Ok, here's the scoop:
You can't produce a copy for "general use" without a certificate issued by a CA like VeriSign. This required an arbitrarily large amount of cash, and strong identification when you obtain the cert.
The filtering would be done by the backbone providers. First time you see a new file, check it's certificate. Store the ID of the cert and a simple, fast (i.e. could-be-done-in-hardware) checksum. Now, when you see files on the wire, look up the checksum vs. your tables, and make sure it's OK.
Ugly? Sure.
But doable?
Certainly.
Unfortunately, the implications for civil liberties and freedom of speech are **extreme**.
I don't think that this is inevitable, by the way, but I do think that unless we're very capable and fast, there is no doubt we are going to end up with a solution like this or even worse.
Actually, VeriSign generates your DRM flag.
Uhhuh... your PKI (public key infrastructure) comes back to bite you in the ass: you need to sign up for a certificate to create content ($$$ big bucks) for distribution, then sign everything, specifying that you're a valid copyright holder for this work.
You put warez up, they cancel your key.
Oh, and did I mention probable per-issued-file fees?
Wait and see, but I think it's a matter of time if we don't act to prevent this.
In case you haven't been paying attention
THESE MOFOS ARE GOING TO TRY AND DO THIS TO THE ENTIRE INTERNET
Filtering of all content, on the backbone, to remove anything without DRM flags indicating it's OK to transmit is both technically feasible and completely coherent with increasing government demands to be back in control of the internet.
Welcome to the future of the internet: we call it television, and we'll tell you what you can see!