I only hope you drive an automatic transmission car with one foot on the brake, and another on the accelerator. The only way such cars are to be driven. You admitted yourself that doing it single-footed costs you time and braking distance. Just don't do it. This stupidity is all over the place, and you'd think people would wise up. Same goes to how people adjust their side mirrors. On many cars, the correct setting is pretty much to rotate the mirror outwards almost to the stop. Voila, no blind spot.
Things still have to be practical to be practical;)
As for removing things layer of atoms-at-a-time: current key protection is designed to cope with that. So assuming you were running a scanning probe system and pulling atoms one-at-a-time, eventually the key would self-destruct before you could get to the silicon. To overcome that, you'd need to manipulate atoms/molecules remotely (through billions of other layers of atoms). And the imaging would need to be done using something else than photons -- say if you'd have X-ray beam powerful enough to guide an atom manipulator in real-time, your key would be gone within seconds. The silicon is purposefully designed to thwart imaging attempts: a sufficient accumulated dose erases the key, and that's the end of that.
Okee dokee, let's see where that line of thinking leads us. You say that having a copy of data under copyright protection, without a license, is having something that is not yours. But you see, license has nothing to do with ownership! Have you ever seen a blurb that goes like so: "this software is licensed, not sold"? So, even when you legally use software, you don't have it, and it still is not yours!
What really irks me that Bible, a text supposedly to be enjoyed by the common folk, is written in a language that makes the worst EULA seem like a Sunday afternoon reading. Either the translators are idiots, or whoever wrote it down was on drugs. The two sentences you cite above are a perfect example of that. What the heck? Couldn't whoever authored that just wrote it in plain whatever language?
Legally, there is crown copyright to some bible texts in the U.K. at least. There, you can't freely copy King James bible IIRC. I know, it's ridiculous.
There is no way to slice a properly designed and certified crypto chip open while preserving the keys. By the time you open it up, the keys are gone. Those designs have been around for quite some time, and there are no known workaround for the current generation of those chips AFAIK. This is no game of cat and mouse -- with a properly designed platform, you'd need a theoretical breakthrough. Not even Moore's law will help you in the short term (think decades).
Those mission-critical-designed-for OSes are, unfortunately, likely to be secure by obscurity. Something like vxWorks or QNX is not a big enough target for malware writers or blackhats, but I'm quite sure those platforms are full of holes simply because they are not very exposed. I'd say that linux, perhaps with realtime extensions, would be a somewhat better platform -- it's exposed way more, and most of the holes have been patched.
Heck, GP doesn't know much about basic data analysis. Let me cite from my hero Feynman -- he was on a commission that was to recommend textbooks to a school district.
This question of trying to figure out whether a book is good or bad by looking at it carefully or by taking the reports of a lot of people who looked at it carelessly is like this famous old problem: Nobody was permitted to see the Emperor of China, and the question was, What is the length of the Emperor of China's nose? To find out, you go all over the country asking people what they think the length of the Emperor of China's nose is, and you average it. And that would be very "accurate" because you averaged so many people. But it's no way to find anything out; when you have a very wide range of people who contribute without looking carefully at it, you don't improve your knowledge of the situation by averaging.
Be very, very careful with that way of thinking. Suppose you asked 1000 randomly selected people about the height of the Empire State Building. You average their answers, and you get a mean and its standard deviation. So you think if you ask more people, you will get a better result? No. When you ask 10,000 people instead, or even a million people, your mean is not going to be any better. The truth is that most people have no fucking clue about the number in question, so your mean is at best a result belonging in a sociology paper.
So if you use a test that has, figuratively, no fucking clue, it doesn't matter if you repeat the test a million times. The end result is no better. There is no way to get better results from inaccurate ones simply via statistics.
You need to have a test that first and foremost gives a correct result to required accuracy, but then -- through a process whose properties are to be somewhat understood -- the result you obtain has a noise added to it, and the properties of such noise must be well understood, too. Only then you can apply statistical methods to aggregate multiple results to recover the accurate answer that was buried under noise.
So how do you draw the line between what's acceptable viewing/photography, and what's not. To me, a reasonable expectation of privacy would be in within an optically obscure enclosure. Say in your home, with curtains drawn, or window blinds closed. If someone had a radar imager, I'd be quite pissed: it's not reasonable to expect people to live in Faraday cages. But there's nothing reasonable in obsessing about street view pictures -- how do those invade my, or anyone else's, privacy? I just don't get it. Someone has raised an argument that since street view van cameras are higher up, they can look over the fences and make it easier to scout out potential targets for thieves. I guess it's time I took the time to write down the damn serial numbers from any expensive equipment I own. Other than that, the insurance covers me against theft. I should take a few pics of each room, to make it easier to prove ownership of certain things -- as an alternate to having a part-time job of billkeeping. All that stuff will probably end on google's servers;)
Umm, no, that's not true. There are plenty of crypto chips that clearly show what you're saying to be untrue. As long as you can't get access to the private keys, and you cannot get access to the plaintext firmware, you're out of luck. It's fairly easy these days to get a custom chip design that incorporates the CPU, secure memory, and whatnot, so that whatever you do outside of the chip won't cause any security breaches.
It's not anyone's fault (other than Sony) that their design is so messed up that running untrusted firmware would allow piracy. They messed up big time, that's all. The design could have been such that access the encrypted discs could have been limited to trusted firmware, and anything else wouldn't. There is no theoretical reason as to why third-party OS running on PS3 would allow piracy of any sort. The real reason is that Sony didn't get people who know crypto on their design team, and didn't design their hardware in a way that would disallow 3rd party (untrusted) code from being able to read encrypted games.
There are no security holes in "the other OS" -- they just effed up their core design, if that. There is no theoretical reason, nor even a practical one, why running third party code on PS3 would lead to piracy or any such thing. Assuming that the platform was designed correctly for that. It's simple enough to let the hardware access encrypted discs only when trusted firmware is being run. You run linux or whatever "Other OS" you like, and you get a plain old DVD or BLU-RAY drive, that you can use to play encrypted media (but not games) just as you would had you used a DVD-ROM or BL-ROM drive on a PC. The games could be encrypted with keys that are only available to trusted firmware, the latter being distributed in encrypted form and only decryptable by the console hardware. Heck, one could prevent trusted firmware from running untrusted games, so that it'd be impossible to probe it for security vulnerabilities. Then any indie games would need to run on their own, bundled, untrusted (3rd party) firmware. Whatever libraries are needed to access basic console hardware could be publicly distributed by Sony, so that you wouldn't need to re-implement that to use the platform. That's not hard at all, IOW.
The main problem here is that Sony just likes being in your face and telling you "play by our rules, we're bigger, meaner, and we don't care". I don't think that's a message you want your customers to hear. One thing is what rights one has, another thing is not being a dick. The fact that what Sony did was perhaps legal and "OK" doesn't make it any less, um, dickish.
As for the arguments people have that somehow a closed platform has to stay closed so that people don't run hacked games: man, I didn't take the crypto course, but even I know that it's fairly easy to ensure integrity of software running on the console as long as there's a modicum of hardware support for it. This can be done on a completely open platform -- everything could be open source, as long as the crypto hardware can ensure private key integrity.
The console could support any firmware -- official and non-official builds. Official firmware images (downloadable!) could be encrypted. Such a firmware can then be decrypted and validated by the hardware upon booting. The firmware can include code signing functionality with another private key embedded into the firmware -- said key being safe, as the firmware is encrypted when handled by the user (think firmware downloads), with plaintext protected by the platform and inaccessible to the client images (games, hacks, linux images, whatever). The game servers can just ask for a digital signature of the game image with some salt appended to it -- any hacks/mods will prevent you from joining. Since you don't have access to the signing key (it's within protected and ephemeral firmware plaintext), there's no way to work around that -- random, one-time salt prevents replay attacks. There could be games that are open to everyone, and games that are only open to those who run official game code without modifications. This is not rocket science anymore, and whatever pretense Sony has for keeping things locked up just don't stand up to reality. The latter being that Sony didn't have to make things locked up so much, while still keeping all the benefits a 100% closed platform has.
I think that graduate level education in the U.S. is generally good, and can be excellent if you wish to make it so. The biggest deal to me was that I could pick the teachers I wanted, and the classes I liked. Over the years, I've dropped a total of three classes. One wasn't really all that interesting -- it was mostly math that seemed boring to me (intro to crypto), in another two the teachers were something not to brag about. In all cases I took another class instead. In most cases in Europe you really don't have that freedom.
As for elementary and high schools I went to: pretty much everything not related to science was a big joke. Physics, Maths, Biology and Geography were very decently taught, but the curricula were a work of a half-drunk, half-stoned committe, or so it seemed.
It's obviously very helpful to memorize lists of river tributaries -- because, you know, in case you ever worked in hydrology, you'd use the data off the top of your head. Books obviously having not been invented for that application. Same goes, for, say, trig identities -- it makes you so much better educated if you just memorize them all, it'd make you very stupid if you were taught how to derive the damn things, right? Right.
And I could toss examples like that for the next few hours... Now don't get me wrong: teachers were not really at fault -- the curricula were set up so that there was little time for real teaching, memorization was a big part of the problem.
Graduate-level engineering education in a big ten school was the first time I've ever had fun going to school.
Interesting: I usually have no problem with drinking coffee or caffeine-containing soda before going to sleep. I wouldn't go as far as self-diagnosing with ADHD, though.
Admittedly, I never really had the high-strung all-stimulated reaction to caffeine, even when I used to drink many liters of Coca Cola straight out of a 2 liter bottle as a 20-something. I could take a nap anytime.
Now I have soda a couple times per week at most, I got bored of the taste... But I still drink a couple cups of coffee in the morning.
I only hope you drive an automatic transmission car with one foot on the brake, and another on the accelerator. The only way such cars are to be driven. You admitted yourself that doing it single-footed costs you time and braking distance. Just don't do it. This stupidity is all over the place, and you'd think people would wise up. Same goes to how people adjust their side mirrors. On many cars, the correct setting is pretty much to rotate the mirror outwards almost to the stop. Voila, no blind spot.
Yeah, but the obsolete versions are seemingly most popular, and not only in English. And people are OK with that: double facepalm.
Things still have to be practical to be practical ;)
As for removing things layer of atoms-at-a-time: current key protection is designed to cope with that. So assuming you were running a scanning probe system and pulling atoms one-at-a-time, eventually the key would self-destruct before you could get to the silicon. To overcome that, you'd need to manipulate atoms/molecules remotely (through billions of other layers of atoms). And the imaging would need to be done using something else than photons -- say if you'd have X-ray beam powerful enough to guide an atom manipulator in real-time, your key would be gone within seconds. The silicon is purposefully designed to thwart imaging attempts: a sufficient accumulated dose erases the key, and that's the end of that.
Okee dokee, let's see where that line of thinking leads us. You say that having a copy of data under copyright protection, without a license, is having something that is not yours. But you see, license has nothing to do with ownership! Have you ever seen a blurb that goes like so: "this software is licensed, not sold"? So, even when you legally use software, you don't have it, and it still is not yours!
How the heck do you "take" anything when you copy digital files, huh?
What really irks me that Bible, a text supposedly to be enjoyed by the common folk, is written in a language that makes the worst EULA seem like a Sunday afternoon reading. Either the translators are idiots, or whoever wrote it down was on drugs. The two sentences you cite above are a perfect example of that. What the heck? Couldn't whoever authored that just wrote it in plain whatever language?
So, obviously, modifying the pdf file to remove the watermark is impossible. You win, truly.
Human steak, mmm :)
Legally, there is crown copyright to some bible texts in the U.K. at least. There, you can't freely copy King James bible IIRC. I know, it's ridiculous.
There is no way to slice a properly designed and certified crypto chip open while preserving the keys. By the time you open it up, the keys are gone. Those designs have been around for quite some time, and there are no known workaround for the current generation of those chips AFAIK. This is no game of cat and mouse -- with a properly designed platform, you'd need a theoretical breakthrough. Not even Moore's law will help you in the short term (think decades).
Those mission-critical-designed-for OSes are, unfortunately, likely to be secure by obscurity. Something like vxWorks or QNX is not a big enough target for malware writers or blackhats, but I'm quite sure those platforms are full of holes simply because they are not very exposed. I'd say that linux, perhaps with realtime extensions, would be a somewhat better platform -- it's exposed way more, and most of the holes have been patched.
Mod it up! Very informative.
Heck, GP doesn't know much about basic data analysis. Let me cite from my hero Feynman -- he was on a commission that was to recommend textbooks to a school district.
This question of trying to figure out whether a book is good or bad by looking at it carefully or by taking the reports of a lot of people who looked at it carelessly is like this famous old problem: Nobody was permitted to see the Emperor of China, and the question was, What is the length of the Emperor of China's nose? To find out, you go all over the country asking people what they think the length of the Emperor of China's nose is, and you average it. And that would be very "accurate" because you averaged so many people. But it's no way to find anything out; when you have a very wide range of people who contribute without looking carefully at it, you don't improve your knowledge of the situation by averaging.
Be very, very careful with that way of thinking. Suppose you asked 1000 randomly selected people about the height of the Empire State Building. You average their answers, and you get a mean and its standard deviation. So you think if you ask more people, you will get a better result? No. When you ask 10,000 people instead, or even a million people, your mean is not going to be any better. The truth is that most people have no fucking clue about the number in question, so your mean is at best a result belonging in a sociology paper.
So if you use a test that has, figuratively, no fucking clue, it doesn't matter if you repeat the test a million times. The end result is no better. There is no way to get better results from inaccurate ones simply via statistics.
You need to have a test that first and foremost gives a correct result to required accuracy, but then -- through a process whose properties are to be somewhat understood -- the result you obtain has a noise added to it, and the properties of such noise must be well understood, too. Only then you can apply statistical methods to aggregate multiple results to recover the accurate answer that was buried under noise.
You'd make Feynman proud. What a clear explanation. Hopefully right, too ;)
So how do you draw the line between what's acceptable viewing/photography, and what's not. To me, a reasonable expectation of privacy would be in within an optically obscure enclosure. Say in your home, with curtains drawn, or window blinds closed. If someone had a radar imager, I'd be quite pissed: it's not reasonable to expect people to live in Faraday cages. But there's nothing reasonable in obsessing about street view pictures -- how do those invade my, or anyone else's, privacy? I just don't get it. Someone has raised an argument that since street view van cameras are higher up, they can look over the fences and make it easier to scout out potential targets for thieves. I guess it's time I took the time to write down the damn serial numbers from any expensive equipment I own. Other than that, the insurance covers me against theft. I should take a few pics of each room, to make it easier to prove ownership of certain things -- as an alternate to having a part-time job of billkeeping. All that stuff will probably end on google's servers ;)
Umm, no, that's not true. There are plenty of crypto chips that clearly show what you're saying to be untrue. As long as you can't get access to the private keys, and you cannot get access to the plaintext firmware, you're out of luck. It's fairly easy these days to get a custom chip design that incorporates the CPU, secure memory, and whatnot, so that whatever you do outside of the chip won't cause any security breaches.
Mod parent up!
It's not anyone's fault (other than Sony) that their design is so messed up that running untrusted firmware would allow piracy. They messed up big time, that's all. The design could have been such that access the encrypted discs could have been limited to trusted firmware, and anything else wouldn't. There is no theoretical reason as to why third-party OS running on PS3 would allow piracy of any sort. The real reason is that Sony didn't get people who know crypto on their design team, and didn't design their hardware in a way that would disallow 3rd party (untrusted) code from being able to read encrypted games.
There are no security holes in "the other OS" -- they just effed up their core design, if that. There is no theoretical reason, nor even a practical one, why running third party code on PS3 would lead to piracy or any such thing. Assuming that the platform was designed correctly for that. It's simple enough to let the hardware access encrypted discs only when trusted firmware is being run. You run linux or whatever "Other OS" you like, and you get a plain old DVD or BLU-RAY drive, that you can use to play encrypted media (but not games) just as you would had you used a DVD-ROM or BL-ROM drive on a PC. The games could be encrypted with keys that are only available to trusted firmware, the latter being distributed in encrypted form and only decryptable by the console hardware. Heck, one could prevent trusted firmware from running untrusted games, so that it'd be impossible to probe it for security vulnerabilities. Then any indie games would need to run on their own, bundled, untrusted (3rd party) firmware. Whatever libraries are needed to access basic console hardware could be publicly distributed by Sony, so that you wouldn't need to re-implement that to use the platform. That's not hard at all, IOW.
The main problem here is that Sony just likes being in your face and telling you "play by our rules, we're bigger, meaner, and we don't care". I don't think that's a message you want your customers to hear. One thing is what rights one has, another thing is not being a dick. The fact that what Sony did was perhaps legal and "OK" doesn't make it any less, um, dickish.
As for the arguments people have that somehow a closed platform has to stay closed so that people don't run hacked games: man, I didn't take the crypto course, but even I know that it's fairly easy to ensure integrity of software running on the console as long as there's a modicum of hardware support for it. This can be done on a completely open platform -- everything could be open source, as long as the crypto hardware can ensure private key integrity.
The console could support any firmware -- official and non-official builds. Official firmware images (downloadable!) could be encrypted. Such a firmware can then be decrypted and validated by the hardware upon booting. The firmware can include code signing functionality with another private key embedded into the firmware -- said key being safe, as the firmware is encrypted when handled by the user (think firmware downloads), with plaintext protected by the platform and inaccessible to the client images (games, hacks, linux images, whatever). The game servers can just ask for a digital signature of the game image with some salt appended to it -- any hacks/mods will prevent you from joining. Since you don't have access to the signing key (it's within protected and ephemeral firmware plaintext), there's no way to work around that -- random, one-time salt prevents replay attacks. There could be games that are open to everyone, and games that are only open to those who run official game code without modifications. This is not rocket science anymore, and whatever pretense Sony has for keeping things locked up just don't stand up to reality. The latter being that Sony didn't have to make things locked up so much, while still keeping all the benefits a 100% closed platform has.
I think that graduate level education in the U.S. is generally good, and can be excellent if you wish to make it so. The biggest deal to me was that I could pick the teachers I wanted, and the classes I liked. Over the years, I've dropped a total of three classes. One wasn't really all that interesting -- it was mostly math that seemed boring to me (intro to crypto), in another two the teachers were something not to brag about. In all cases I took another class instead. In most cases in Europe you really don't have that freedom.
As for elementary and high schools I went to: pretty much everything not related to science was a big joke. Physics, Maths, Biology and Geography were very decently taught, but the curricula were a work of a half-drunk, half-stoned committe, or so it seemed.
It's obviously very helpful to memorize lists of river tributaries -- because, you know, in case you ever worked in hydrology, you'd use the data off the top of your head. Books obviously having not been invented for that application. Same goes, for, say, trig identities -- it makes you so much better educated if you just memorize them all, it'd make you very stupid if you were taught how to derive the damn things, right? Right.
And I could toss examples like that for the next few hours... Now don't get me wrong: teachers were not really at fault -- the curricula were set up so that there was little time for real teaching, memorization was a big part of the problem.
Graduate-level engineering education in a big ten school was the first time I've ever had fun going to school.
Good to know.
Interesting: I usually have no problem with drinking coffee or caffeine-containing soda before going to sleep. I wouldn't go as far as self-diagnosing with ADHD, though.
Admittedly, I never really had the high-strung all-stimulated reaction to caffeine, even when I used to drink many liters of Coca Cola straight out of a 2 liter bottle as a 20-something. I could take a nap anytime.
Now I have soda a couple times per week at most, I got bored of the taste... But I still drink a couple cups of coffee in the morning.
Bravo.