Re:Why DRM is usefull
on
Real DRM
·
· Score: 2, Insightful
Then it is not DRM, it is normal use of encryption. DRM is about trying to keep a secret between you and someone who has no interest in keeping the secret.
uhh, no.
It IS DRM, and has to be because the key feature is the ability to revoke access even after the viewer has the video file. (presumably for when an employee who DID have access decides to quit/is fired)
Suppose I'm a big business and I have people all over the world. I want to distribute training videos to my employees. These videos are TOP-SECRET because they show how to build widgets in this awesome new way I invented. My new widget manufacturing technique is going to let me sell my widgets for half what the competition charges. If this video gets out on the net I'm going to lose millions.
DRM wrappers would allow me to authorize certain employees to access the videos AND I'll be able to revoke access if they quit.
I realize no encryption scheme is going to be perfect so I want something that's pretty good and has open source so I can be sure that Micro$oft/Real/GWBush dont' have magic universal keys.
bandwidth costs about 0.12 cents US per megabyte when bought in blocks of 50gigs or more. So that's about half a cent for a typical MP3... (160kbit for 4 minutes).
So even an album that used an entire CD (74 minutes) and was compressed to 192Kbit/s would cost about 13 cents US to send over the Internet. Of course that doesn't include the cost for the end user to dl... that's just from the server side... end users have been known to pay as much as 0.5-1.5 cents per megabyte...
Or maybe they got owned because they're crazy enough to run an FTP server.... Who the heck runs FTP anymore? except for anon download only it's insanely insecure. I mean come on people, do you log into your systems using telnet aswell?
One more thing... I forgot to mention that the whole point of this is that mplayer can now add support for the real codecs so you don't have to run a player from realnetworks ever again.
It's not as bad as you make out. The new RealOne player is not as bad as MS media player. First of all, you CAN turn off all those things you mentioned (did you even look for the checkboxes in the options menu?) Second, unlike media player realOne defaults to NOT uniquely identifying your player to servers.
hahaha, my 19" samsung CRT running my FPS games at 1280x1024 laughs heartily at your primitive tv games.
bt878s with a gateway running ffserver
on
Cheap KVM Over IP?
·
· Score: 2, Interesting
How about putting cheapo tvout cards in all the servers, and connecting them all to a dedicated pc that has like 5 bt878 capture cards. (short svideo cables) That'll let you see the whole boot process including doing bios stuff.
Then run ffserver (ffmpeg, or maybe ffpegrec which is part of nvrec) on this gateway machine to encode and serve up divx5 video streams.
You can add security with freeswan and certificates if you like.
This can all be done using linux fairly easily. The major drawback would be the limit on PCI slots for capture cards. There are cheap Viewcast cards that have 3 inputs you can switch between so you could get at least 15 channels.(just not all at the same time) You'd need a control channel aswell i guess.. maybe you could get a keyboard switch and write a little script to let you pipe your keyboard actions to whichever machine you want.
Re:Been waiting for this technology
on
P2P Roaming Chat
·
· Score: 2, Interesting
"Transactions with cash would be handled much the way they are on the internet now. You would trust the server with a credit card number, which you would send through a secure tunnel."
No! credit cards suck. sorry to nit-pick, I realize this wasn't the main thrust of your post, I just wanted to rant briefly about how much credit cards suck.
[rant] Credit card numbers are like keys to your bank account. What kind of commerce system operates by having the customer hand over the keys to their bank account to every merchant they want to buy from? It's ridiculous, "here's the key to my bank account, please don't take any more money than we agreed upon... oh, and please don't keep a copy of my keys"
There's no security at all, it's just supported by insurance and we pay for it in the form of transaction fees to the tune of several billion dollars a year. It blows my mind. Any half-way decent electronic commerce system should be using cryptographic tokens to represent cash in transit. [/rant]
Amazing, I wonder how something that creates so much heat can also be as efficient as they claim...
Also, if they are using the 2.4whateverGhz to energize the little 'bulb' why exactly should this cause interference? Have I misunderstood something here? My understanding is that they are beaming energy at 2.4Ghz within the device only, just like a microwave oven but at a MUCH lower power output...They're not flooding the room with it... I mean come on... if this device is sooo efficient wouldn't it use a reasonably well directed beam for this? with shielding/reflectors?
Sounds like a big non-story to me. Who the hell would buy that crap when there are LED lights available anyway?
Your comment stresses the fact that this proposed system would be used for online identification purposes only. This seems to imply that there is some other kind of authentication that is not covered... perhaps this has something to do with the "meatspace" I've read about... I'm not sure that this "meatspace" authentication has much to do with me. Someone told me you can get to "meatspace" by turning off your computer and going outside but I'm not prepared to give up my PC's uptime just to find out.
buddy, you're just ignorant. If you were posting with a real userid I might bother collecting some links for you. I suppose there's a chance the CIA never sold drugs to US citizens (if you don't count working with the drug dealers further back in the supply chain), but they certainly do have their hands dirty. (bloody actually)
You're right about one thing tough, this is very much OT.
"Deadplant, thank you for two common scenarios where a laptop and a detector..."
gee, nobody ever thanked me for a slashdot post before!;-)
As for your proposed remedies, I think you've got the right idea however I think the real problem is going to be the huge installed base of systems. Most dentists don't read this sort of tech story. What we need is some way to notify people that we think could be vulnerable to this sort of attack.
Perhaps a good starting point would be to contact the companies that run EDI systems (insurance companies, credit agencies etc..) and make sure they're aware of it so that they can contact their clients.
I used to work for a tech company that setup networks and misc IT for small business. I can think of at least three sites where there are visible modems that at least occassionally transmit sensitive info. I can however think of none that read slashdot... In fact, the place I work right now has it's server room visible through a lightly tinted (indoor) window, DSL modem and all... I wonder...
When i get home tonight i'm gonna talk to my roomate about making a small device to detect whether a device's LEDs are emmitting 'class III' data or not. I'd sure like to test some of the equipment around here.
"But before you can do any of that, you have to be able to _see_ the blinking lights"
I can think of a couple of other possible scenarios where people might get to see your lights... several industries use EDI systems for various purposes, dentists for instance use modems to dial-in to EDI systems run by insurance companies to check claims info. If that modem is visible a client could fairly easily carry a detector in their briefcase and possible grab some usefull info (SIN/SSN numbers perhaps? or credit card numbers) Other companies use modem based EDI systems to do credit checks which of course would be stuffed with usefull info.
reconstruct the data from the flashing lights??? whatever. That's so ridiculous it's laughable.
If that was possible you would have discovered a spectacular new way to compress data at 1000-1 or better. My DSL modem sends a 1500 byte packet and the light blinks... now reconstruct that packet for me from that single blink... I don't think so.
a better analogy might be: Companies paying to have their mail-order catalogs placed strategically in your library... alphabetical order be damned.
Or little ads on those index cards libraries use... I can see it now.. viagra ads at the beginning of the S.E.X. section.
Re:I've worked with these...
on
Netwinder is Back
·
· Score: 2, Interesting
I've been working on a system that does alot of what the netwinder was supposed to do.
MY system however is much better! (shameless plug)
It's runs debian for a start, so expanding it's capabilities is as easy as "apt-get install". It runs on x86 hardware because x86 is soooo damn cheap and powerfull. so you can always build your own or upgrade or whatever. We plan on making a low-power version at some point (strongARM or whatever) to take advantage of that niche.
My VPN system works. It's using FreeS/WAN and RSA keys, no certificates at the moment, but hey! it's more secure this way anyway.(transfer your public keys OutOfBand on a floppy disk)
It also has cool features like the ability to have multiple Internet connections that will 'fail-over', and multiple LAN segments that can be firewalled off from each other, they can be given different net connections to use, and you can customize the level of access for each LAN. So you can put your important internal servers on a seperate segment from your general purpose email/browsing PCs, and limit/eliminate their net access. It also comes with built-in email virus filtering (you have to pay for virus scanner license). oh, and it runs Apache with mod_ssl so you can deploy web-based apps on it and use cool x509 certificates for access control...
I could go on and on... it's made for people who don't necessarily know how to use linux, but if you do then there's all kinds of cool stuff you can add.
you miss the point, this is halted system, not just a system with no drives mounted. I other words no user processes can start at all. It is therefore impossible for a virus to run, the only kind of exploit possible would be one that directly exploits a flaw in the kernel (a fairly rare thing). and beyond that, it would probably have to be an exploit designed for this kind of system specifically since most exploits assume it's possible to execute a process (like a shell, or an 'rm -rf' or something)
those bastards! I seriously doubt they have any shortage of bandwidth, I have a hard time sorting out who own who there but I think sympatico is part of Bellnexxia which is part of the big Bell Canada... bellnexxia has a nifty national fiber network with plenty of room to grow, light more fibers! (www.bellnexxia.com has info on their network)
bellnexxia offers business class ADSL in Canada for as little as $120/month (dymanic IPs) and $239/month (static IPs). that's for 3Mbit down, 640K up. 10gB/month bandwidth cap.
sympatico's residential service is $40/month for 1.5Mb down, 160kbit up (it's supposed to be 240 or 320 now/soon i think) dynamic ip, no bandwidth cap. The same service is available to business for $80/month
IGS doesn't have the coverage of the other two, but they offer 3Mbit down, 800kbit up for $179/month. static IPs. not sure about bandwidth caps..
I can't say anything bad about sympatico myself because I pay $64.95/month for a 2.2Mbit down, 1.1-1.3Mbit upstream ADSL with a single static IP and no bandwidth cap! it was part of their test-market and they let me keep it afterwards! I continue to be very very very gratefull. (servers allowed!, no pppoe, and I've NEVER had any trouble maxing out my bandwidth, their network seems to have plenty of spare capacity)
Re:Use his power for good, not evil (or less good:
on
Borking Outlook Express
·
· Score: 2, Insightful
Actually, your analogy isn't really very accurate.
"Use anything except outlook" allows the use of 99% of the email clients out there, disallowing only one.
"use a program that can read word docs" is the opposite, that requires you use one (or one of a handfull) of particular document readers while disallowing the other 99%. A more appropriate statement would be "use any document reader except staroffice". Which would be perfectly reasonable if you felt staroffice had some ridiculous bugs.
Perhaps some sort of wrapper could be developed that you could run most simple apps in that could be suspended...
Certainly one would think that apps written in langauages like java that are already set to run in a sandbox would be fairly easy to wrap and suspend... as apposed to things like X windows or things that work too closely with the hardware.
Slashdot Mirror
uhh, no.
It IS DRM, and has to be because the key feature is the ability to revoke access even after the viewer has the video file. (presumably for when an employee who DID have access decides to quit/is fired)
Suppose I'm a big business and I have people all over the world. I want to distribute training videos to my employees. These videos are TOP-SECRET because they show how to build widgets in this awesome new way I invented.
My new widget manufacturing technique is going to let me sell my widgets for half what the competition charges. If this video gets out on the net I'm going to lose millions.
DRM wrappers would allow me to authorize certain employees to access the videos AND I'll be able to revoke access if they quit.
I realize no encryption scheme is going to be perfect so I want something that's pretty good and has open source so I can be sure that Micro$oft/Real/GWBush dont' have magic universal keys.
he is talking about megabits/second/month capacity, not throuput.
in other words, you can saturate that 1Mb/s 24/7 (which over a month is about 300GB)
btw, it's now down to about $350-500/month for each megbit/s of capacity.
bandwidth? bandwidth is not that expensive.
bandwidth costs about 0.12 cents US per megabyte when bought in blocks of 50gigs or more.
So that's about half a cent for a typical MP3... (160kbit for 4 minutes).
So even an album that used an entire CD (74 minutes) and was compressed to 192Kbit/s would cost about 13 cents US to send over the Internet.
Of course that doesn't include the cost for the end user to dl... that's just from the server side... end users have been known to pay as much as 0.5-1.5 cents per megabyte...
Or maybe they got owned because they're crazy enough to run an FTP server....
Who the heck runs FTP anymore? except for anon download only it's insanely insecure. I mean come on people, do you log into your systems using telnet aswell?
One more thing... I forgot to mention that the whole point of this is that mplayer can now add support for the real codecs so you don't have to run a player from realnetworks ever again.
It's not as bad as you make out.
The new RealOne player is not as bad as MS media player. First of all, you CAN turn off all those things you mentioned (did you even look for the checkboxes in the options menu?) Second, unlike media player realOne defaults to NOT uniquely identifying your player to servers.
ha. hahahahhaha....HA!
you make me laugh with your silly ideas.
hahaha
hahaha, my 19" samsung CRT running my FPS games at 1280x1024 laughs heartily at your primitive tv games.
How about putting cheapo tvout cards in all the servers, and connecting them all to a dedicated pc that has like 5 bt878 capture cards. (short svideo cables)
That'll let you see the whole boot process including doing bios stuff.
Then run ffserver (ffmpeg, or maybe ffpegrec which is part of nvrec) on this gateway machine to encode and serve up divx5 video streams.
You can add security with freeswan and certificates if you like.
This can all be done using linux fairly easily. The major drawback would be the limit on PCI slots for capture cards. There are cheap Viewcast cards that have 3 inputs you can switch between so you could get at least 15 channels.(just not all at the same time)
You'd need a control channel aswell i guess.. maybe you could get a keyboard switch and write a little script to let you pipe your keyboard actions to whichever machine you want.
"Transactions with cash would be handled much the way they are on the internet now. You would trust the server with a credit card number, which you would send through a secure tunnel."
No!
credit cards suck. sorry to nit-pick, I realize this wasn't the main thrust of your post, I just wanted to rant briefly about how much credit cards suck.
[rant]
Credit card numbers are like keys to your bank account. What kind of commerce system operates by having the customer hand over the keys to their bank account to every merchant they want to buy from? It's ridiculous, "here's the key to my bank account, please don't take any more money than we agreed upon... oh, and please don't keep a copy of my keys"
There's no security at all, it's just supported by insurance and we pay for it in the form of transaction fees to the tune of several billion dollars a year. It blows my mind. Any half-way decent electronic commerce system should be using cryptographic tokens to represent cash in transit.
[/rant]
Amazing, I wonder how something that creates so much heat can also be as efficient as they claim...
Also, if they are using the 2.4whateverGhz to energize the little 'bulb' why exactly should this cause interference? Have I misunderstood something here? My understanding is that they are beaming energy at 2.4Ghz within the device only, just like a microwave oven but at a MUCH lower power output...They're not flooding the room with it... I mean come on... if this device is sooo efficient wouldn't it use a reasonably well directed beam for this? with shielding/reflectors?
Sounds like a big non-story to me.
Who the hell would buy that crap when there are LED lights available anyway?
Your comment stresses the fact that this proposed system would be used for online identification purposes only. This seems to imply that there is some other kind of authentication that is not covered... perhaps this has something to do with the "meatspace" I've read about...
I'm not sure that this "meatspace" authentication has much to do with me. Someone told me you can get to "meatspace" by turning off your computer and going outside but I'm not prepared to give up my PC's uptime just to find out.
buddy, you're just ignorant. If you were posting with a real userid I might bother collecting some links for you.
I suppose there's a chance the CIA never sold drugs to US citizens (if you don't count working with the drug dealers further back in the supply chain), but they certainly do have their hands dirty. (bloody actually)
You're right about one thing tough, this is very much OT.
"the sims" is a stupid fucking game. If it's really the best all-time seller then that confirms that the world is full of dumb-ass fuckers.
same thing goes for myst, just another boring piece of crap.
"Deadplant, thank you for two common scenarios where a laptop and a detector..."
;-)
gee, nobody ever thanked me for a slashdot post before!
As for your proposed remedies, I think you've got the right idea however I think the real problem is going to be the huge installed base of systems. Most dentists don't read this sort of tech story. What we need is some way to notify people that we think could be vulnerable to this sort of attack.
Perhaps a good starting point would be to contact the companies that run EDI systems (insurance companies, credit agencies etc..) and make sure they're aware of it so that they can contact their clients.
I used to work for a tech company that setup networks and misc IT for small business. I can think of at least three sites where there are visible modems that at least occassionally transmit sensitive info. I can however think of none that read slashdot...
In fact, the place I work right now has it's server room visible through a lightly tinted (indoor) window, DSL modem and all... I wonder...
When i get home tonight i'm gonna talk to my roomate about making a small device to detect whether a device's LEDs are emmitting 'class III' data or not. I'd sure like to test some of the equipment around here.
"But before you can do any of that, you have to be able to _see_ the blinking lights"
I can think of a couple of other possible scenarios where people might get to see your lights... several industries use EDI systems for various purposes, dentists for instance use modems to dial-in to EDI systems run by insurance companies to check claims info. If that modem is visible a client could fairly easily carry a detector in their briefcase and possible grab some usefull info (SIN/SSN numbers perhaps? or credit card numbers)
Other companies use modem based EDI systems to do credit checks which of course would be stuffed with usefull info.
never mind... i should read the articles before posting...
I guess I'll go throw a towel over my modem now.
reconstruct the data from the flashing lights??? whatever. That's so ridiculous it's laughable.
If that was possible you would have discovered a spectacular new way to compress data at 1000-1 or better. My DSL modem sends a 1500 byte packet and the light blinks... now reconstruct that packet for me from that single blink... I don't think so.
hehe, good try and pretty funny.
a better analogy might be: Companies paying to have their mail-order catalogs placed strategically in your library... alphabetical order be damned.
Or little ads on those index cards libraries use... I can see it now.. viagra ads at the beginning of the S.E.X. section.
I've been working on a system that does alot of what the netwinder was supposed to do.
MY system however is much better! (shameless plug)
It's runs debian for a start, so expanding it's capabilities is as easy as "apt-get install". It runs on x86 hardware because x86 is soooo damn cheap and powerfull. so you can always build your own or upgrade or whatever. We plan on making a low-power version at some point (strongARM or whatever) to take advantage of that niche.
My VPN system works. It's using FreeS/WAN and RSA keys, no certificates at the moment, but hey! it's more secure this way anyway.(transfer your public keys OutOfBand on a floppy disk)
It also has cool features like the ability to have multiple Internet connections that will 'fail-over', and multiple LAN segments that can be firewalled off from each other, they can be given different net connections to use, and you can customize the level of access for each LAN. So you can put your important internal servers on a seperate segment from your general purpose email/browsing PCs, and limit/eliminate their net access.
It also comes with built-in email virus filtering (you have to pay for virus scanner license). oh, and it runs Apache with mod_ssl so you can deploy web-based apps on it and use cool x509 certificates for access control...
I could go on and on... it's made for people who don't necessarily know how to use linux, but if you do then there's all kinds of cool stuff you can add.
you miss the point, this is halted system, not just a system with no drives mounted. I other words no user processes can start at all. It is therefore impossible for a virus to run, the only kind of exploit possible would be one that directly exploits a flaw in the kernel (a fairly rare thing). and beyond that, it would probably have to be an exploit designed for this kind of system specifically since most exploits assume it's possible to execute a process (like a shell, or an 'rm -rf' or something)
we don't think you're evil, we think the telco charging you $1100/month for the T1 is evil!
Sympatico too?
those bastards! I seriously doubt they have any shortage of bandwidth, I have a hard time sorting out who own who there but I think sympatico is part of Bellnexxia which is part of the big Bell Canada... bellnexxia has a nifty national fiber network with plenty of room to grow, light more fibers! (www.bellnexxia.com has info on their network)
bellnexxia offers business class ADSL in Canada for as little as $120/month (dymanic IPs) and $239/month (static IPs). that's for 3Mbit down, 640K up. 10gB/month bandwidth cap.
sympatico's residential service is $40/month for 1.5Mb down, 160kbit up (it's supposed to be 240 or 320 now/soon i think) dynamic ip, no bandwidth cap. The same service is available to business for $80/month
IGS doesn't have the coverage of the other two, but they offer 3Mbit down, 800kbit up for $179/month. static IPs. not sure about bandwidth caps..
I can't say anything bad about sympatico myself because I pay $64.95/month for a 2.2Mbit down, 1.1-1.3Mbit upstream ADSL with a single static IP and no bandwidth cap! it was part of their test-market and they let me keep it afterwards! I continue to be very very very gratefull. (servers allowed!, no pppoe, and I've NEVER had any trouble maxing out my bandwidth, their network seems to have plenty of spare capacity)
Actually, your analogy isn't really very accurate.
"Use anything except outlook" allows the use of 99% of the email clients out there, disallowing only one.
"use a program that can read word docs" is the opposite, that requires you use one (or one of a handfull) of particular document readers while disallowing the other 99%. A more appropriate statement would be "use any document reader except staroffice". Which would be perfectly reasonable if you felt staroffice had some ridiculous bugs.
Perhaps some sort of wrapper could be developed that you could run most simple apps in that could be suspended...
Certainly one would think that apps written in langauages like java that are already set to run in a sandbox would be fairly easy to wrap and suspend... as apposed to things like X windows or things that work too closely with the hardware.