There is incidentally one big advantage to the consumer... They can use CPRM enabled software to use, view or listen to music/video/software/whatever encrypted for CPRM.
This is a valid point. I didn't get to read the spec yet but from what I've gathered going from the previous discussions there are several reasons why this will probably not work out:
1. The key space on the device, whether it's a couple of tracks of disk or a flash in a secure microcontroller will propably be limited in most cases. This means that this space will most likely be rented out to entities with a valid reason of using the scheme. Entities with a valid reason to use do not include people like you and me because we're only consumers. Even if they did rent it out to everyone it would propably be very expensive.
2. Who says the device itself is secure. Since we do not have (convenient) access to the firmware or microcode of the devices this will be implemented on whose to say there isn't a away for example to access & decrypt the contents with a special "law enforcement" key?
3. Letting 3rd parties (us) in onto the system beyond the spec, meaning letting us choose keys to operate the system with might be the first step towards a deCSS style hack.
NO 2 CP
Re:Vax/VMS == greate firewall no script kiddie gro
on
PDP-10 Revival
·
· Score: 1
Considering that VAX/VMS started getting a TCP stack only I think after version V5.1 maybe V5.3, but sheesh this is sooo long ago, somewhere around 1994: how much work do you think went into that protocol stack? How many fixes and patches were made to that stack since then? Hmmm... speaking of firewall support built into the operating system, I don't think there was any support for that even in DECnet..
How about using it for a screen that can "think"... think about whether you are entitled right now to display a given piece of intellectual property or not... If the screen itself, that array of x pixels in this direction and y pixels in that direction could check entitlement and decrypt the IP to be shown...
Slashdot Mirror
All that needs to be done is to verify the digital signature of the boot image... Check out the Intel Boot Integrity Services.
There is incidentally one big advantage to the consumer... They can use CPRM enabled software to use, view or listen to music/video/software/whatever encrypted for CPRM.
This is a valid point. I didn't get to read the spec yet but from what I've gathered going from the previous discussions there are several reasons why this will probably not work out: 1. The key space on the device, whether it's a couple of tracks of disk or a flash in a secure microcontroller will propably be limited in most cases. This means that this space will most likely be rented out to entities with a valid reason of using the scheme. Entities with a valid reason to use do not include people like you and me because we're only consumers. Even if they did rent it out to everyone it would propably be very expensive. 2. Who says the device itself is secure. Since we do not have (convenient) access to the firmware or microcode of the devices this will be implemented on whose to say there isn't a away for example to access & decrypt the contents with a special "law enforcement" key? 3. Letting 3rd parties (us) in onto the system beyond the spec, meaning letting us choose keys to operate the system with might be the first step towards a deCSS style hack. NO 2 CP
Considering that VAX/VMS started getting a TCP stack only I think after version V5.1 maybe V5.3, but sheesh this is sooo long ago, somewhere around 1994: how much work do you think went into that protocol stack? How many fixes and patches were made to that stack since then? Hmmm... speaking of firewall support built into the operating system, I don't think there was any support for that even in DECnet..
How about using it for a screen that can "think"... think about whether you are entitled right now to display a given piece of intellectual property or not... If the screen itself, that array of x pixels in this direction and y pixels in that direction could check entitlement and decrypt the IP to be shown...