And as an added bonus the MS utility will probably be smart enough to not waste backup space on copyrighted and DRMed media that the OS will refuse to play on reimaging anyway!:)
I don't think the issue is so much windows anymore as just a general lack of sane dependency handling in large-scale software applications (the kinds of programs that cost $1 million to buy, and where the vendors have 100 customers max). Often some service goes down, and if you just restart it things still don't work. The problem is that if you have 14 services running it can be a pain to pinpoint which one is down, and if they don't have dependency info set correctly the other services don't get recycled and they're still timing out trying to talk to the old service process. I don't know if windows handles dependencies all that well/etc/init.d/ style.
So, often the quickest fix is to reboot first - takes 2 minutes and fixes many of these sorts of problems quickly. Obviously this is assuming you've identified that the problem is some sort of server issue and not data related. If you have 14 services running it might be mathematically elegant to figure out which one is bad and restart them in the proper sequence, but rebooting gets rid of all the variables.
If vendors wrote better software we wouldn't need these sorts of hacks. On linux it wouldn't be tolerated, and in any case I could just edit the init.d scripts myself to fix the dependency info. However, in the world of windows we're stuck with what the vendors sell us...
If you are deploying a bunch of servers I agree that you don't want to spend days just putting an image on each one. However, a stage-3 install of gentoo only takes a few minutes, and then you just need to do any desired security updates. You can download binary packages if you need them, and you can also put your cached binary packages on a network share - so if you build with particular settings you can recycle across all your servers.
On a production environment, 10-15 minutes is really too much. Especially for minor upgrades (eg. security updates).
Agreed. If I'm doing an update that is time-sensitive (mysql, samba, etc) I'll build a package only initially, and then quickly down the daemon, merge the package, update configs, and start the daemon. And if you want you can easily try it all on a chroot first.
Personally, I love gentoo. If I were deploying a server I'd probably consider Debian first, but I don't have much Debian experience and there might be drawbacks there I'm not thinking of. I wouldn't consider gentoo totally unsuitable for servers, however.
Agreed - the thing that makes ICBMs so hard to destroy is their insane kinetic energy. However, it is this very same energy that makes them almost impossible to steer after boost phase. Short of actually detonating the warhead nothing is going to make it change direction more than a degree travellling at Mach 20+.
Entertainment publishers aren't going to start handing out files with no DRM attached, because (as you point out) there are so many P2P networks out there where it will immediately be distributed to the world.
How would that differ from what is happening now - when all the shows do have DRM?
So it's their fault that you bought a puny monitor for your PC, and your graphics card lacks a video-out jack?
Uh, how about the fact that I watch TV in my living room using a remote, and not in an office with a keyboard/mouse? I do have a video out jack as a matter of fact (granted, the PC sporting this isn't running windows), but I'd rather not run USB cables all over the house.
And as far as the limitations associated with DRM goes - just wait and see. At the very least if you wipe your computer and itunes is out of business you won't be able to watch your shows no matter how many backups you have.
If a zero-day worm is invading the whole company all kinds of short-term solutions become viable - shutting down email servers, firewalling all traffic, and killing every switch in a 20,000 employee site are are acceptable steps that can be taken to delay worm propagation.
However, once signatures are updated and firewalls can properly filter traffic, none of these measures should be needed.
By now every email server in the world should know how to scan zip files and every file inside. Yet, at work we have bans on dlls and exes inside of zip files requiring partners to email.zi_ files with.ex_ files inside (just renamed extensions - not the ancient MS distribution method). Password-protected zips apparently are also safe (which boggles my mind - if anything those are the ones that should be blocked since they can't be scanned).
Companies should invest in their infrastructure a little so that they DON'T need to lock down every little feature on their computers and create user hassles...
I generally just use proxy bidding if I'm buying something with a single listing, and I don't worry about sniping. I put in what I'm willing to pay as my max bid, and if somebody bids a dollar more they're welcome to keep it. If you're getting sniped then you're not really putting in what you're willing to pay - since if you'd have bid a dollar more if you were present when being sniped then you were willing to pay more up-front.
That said, I would do some sniping myself in one particular situation. Imagine I want to buy some high-volume item - like a popular CD or video game or something. One listing is as good as the next within some parameters - so I have 47 listings to choose from. I only have a few choices:
1. Put in my genuine max bid on one listing. Next day I log in and find somebody outbid me by $20 on that listing (they might not even have been sniping), but an hour later in the middle of the night another identical listing sold for $10 less than my minimum. If I had bid on that item I'd have won and would have gotten it cheaper (maybe). 2. Put in my genuine max bid on all the listings. Next day I log in and find I'm the proud owner of 15 copies of the CD. Now I get to be a power seller. 3. Wait until each auction comes up and bid up to my max bid on each one until I get one. There is another name for this - it is called sniping. I get one item for what I was willing to pay, or none of them.
And you don't need to stay up late to snipe - just to run the right software. The only way to get rid of this (in my opinion very legitimate) use of sniping is to institute pooling of auctions of similar items. The problem is that items may very in quality - if I'm sniping I can flag 47 listings that I like and ignore 27 others that I don't like.
I think this is the main reason people snipe - otherwise they'd just put in a max bid and go away.
Do everything like they're doing it now - but without the DRM. I can get any popular music track I want without DRM. I can download from P2P and risk getting sued, or I can pay a few cents to allofmp3 risk-free (sure, there is a lot of arguing over legalities, but a) if you're only downloading your liability would be minimal at best, b) you are paying something so it is a gray area, and c) unlike P2P it is really hard for a 3rd party to trace anyway without cooperation from the Russians). I'd rather buy from the copyright holder and be on firm legal ground getting a solid product, but I don't like DRM. Now, as a result I tend not to buy much music at all.
What good is DRM doing the music industry? iTMS is locked down and yet people still pirate everything on it. Every version of fairplay to date has been cracked in one way or another, and people can rip CDs as well. It only takes one ripped CD to provide the world with all the audio it needs.
DRM will probably never block content from becoming available online. It only hassles normal users. So, get rid of it.
The results? Simple:
1. Most people will buy Sony's music from sony.com, etc. They know what they're getting and that the artist is getting something (or at least they think the artist is getting something). 2. Sony could easily sell this music themselves if they don't need this huge DRM infrastructure - just offer up a storefront that downloads mp3s/etc. 3. The content available at gray-market or black-market sites WON'T CHANGE AT ALL - they already have all the tracks, and they'll still have all the tracks. 4. The RIAA can still sue P2P traders all they want. 5. Lots of new devices will spring up, now that you don't need all kinds of DRM licenses to play music. Lots of devices mean lots of music purchases. Manufacturers won't go too crazy with making it easy to distribute music - they're still open to lawsuits. But, you might see person-to-person file trading like you do on the Zune and stuff like that. 6. If RIAA stops ticking off the linux/FOSS community and other anti-DRM zealots you'll have less people with strong IT skills going out of their way to destroy their distribution model. If linux users can just download the latest tracks for 99 cents they won't spend 1000 hours making a music-trading plugin for tor/freenet/whatever. If your whole goal is technological control you don't want to tick off thousands of programmers.
Honestly, I think the RIAA will make more money if they ditch DRM - or at least they won't lose any more than they are already losing. I'm under no illusions that music will get made if there is no profit (sure, it will get made, but not like it does today). However, profit can be made with existing legal protections - we don't need all kinds of new processes just because of the internet.
Nothing wrong with apple coming up with a fancy non-standard interface for their iPod - but is there any reason they couldn't have also supported drag-and-drop.
My iAudio G3 came with fancy software - I never installed it. Instead I can just copy away with no trouble at all.
When I tried to load music on an iPod shuffle using itunes it was a major hassle. The software wouldn't transcode the audio automatically (it wasn't in mp3/aac). So, I batch-converted it in linux and put it on a network share to upload using itunes. That worked, but then if I deleted the aac files (which I no longer needed) it insisted on purging them from the ipod on the next sync. I couldn't find any way to prevent this. It was quickly returned and substituted for an iriver which supports the standard usb storage device protocol (plus it handles ogg natively - and when I transcoded iTMS songs to ogg I didn't need to keep them around either (which brings up my other pet peeve - not-so-fair-play and the need to jump through hoops to get the audio ripped into another format (such as burning to CD))).
I'm all for fancy software, but I'm also for keep-it-simple (ie use the standards every other piece of software supports) - users should have either option.
Sure it can - you just index files as they are copied over. It isn't like you're going to delete and re-upload your entire collection 14 times a day. Most likely you just add a few files at a time - the device reads them and store the info in a database.
The thing doesn't need to run mysql to keep track of a few fields. And most other mp3 players out there handle flash-drive-style copying just fine.
Oh, I'll agree with you there. If the networks eased up on the DRM they'd have hundreds of companies begging for distribution rights - and all kinds of innovative products that would help sell programming. Right now, however, a lot of stuff just doesn't get done because it is hard to fit into the DRM model. Plus, networks are shy to try ANYTHING new - I'm sure they'd ban DVRs if they could.
Although, looking at the top seller's on iTMS, it seems that most are popular programming, like Galactica or The Office, which leads me to believe that they don't have myth or a DVR, and probable that many are simply picking up "missed" shows.
Agreed - and if you don't have a DVR (or you have one that misses/loses shows) iTMS is the only game in town - so obviously they'll sell (that's the nice thing about monopolies).
And as long as you doing the math with myth you probably should deduct the price of a dedicated PC with tuner cards.
Agreed - this was a major factor in my decision to go myth. The dedicated PC wasn't a big deal - I just piggy-backed on the otherwise-dedicated linux server. I did end up paying for a diskless front-end though. Hardware costs for myth aren't really much worse than with any other DVR - you just can't benefit from the promotional subsidies. (Kind of like buying an unlocked cell phone without a calling plan.)
I'd gladly use something like iTMS to supplement my video collection, but it won't play on linux, it can't be added to my mythtv show collection, it won't play on the PC attached to the TV, it probably has all kinds of expiration and burning restrictions, etc. If they dropped the DRM they could make modules on DVRs that would just download shows with a single click from iTMS and they'd make an even bigger killing. Somebody would undoubtedly make a plugin for mythtv (they already have one for Netflix).
The thing is - I don't see what the DRM gets them. If somebody wants to download a show they can do that already - the DRM doesn't stop that now - it just hinders legitimate use.
With satellite, you're paying for the 6 months of the year when the networks are only playing re-runs.
There is always something on TV. While I typically have about 20 shows programmed they vary by season. With a number of people in the house the shows tend to vary more by season. And not all are first-run.
iTunes is still more expensive, but not "way more expensive."
$18/month is quite a bit - I could subscribe to two premium channels for that much, or add three more tuners to my DVR (not that I'd need them - a 3rd might be handy once in a blue moon although I'm working on getting HD off the air to transcode to SD for watching in the living room).
Plus, you don't have to skip around commercials or leave a computer on 24/7
The computer would be on 24/7 for any number of other reasons (file server, domain controller, webserver, mail server, NAT firewall, etc - or all of these at once in my case). It is a fairly nominal cost per month.
And with mythtv commercial skipping is just push-one-button - and you can even automate that. It doesn't get it right about 5% of the time, but then I can just jump 2 min at a time (and that is probably once every other show).
Not to mention that itunes won't work on linux, won't work on a diskless front-end, and the shows probably have all kinds of crazy expiration rules/etc. I also like being able to burn to DVD and watch on a plane or give an episode to a friend.
If I can hack all this stuff together in my spare time somebody could easily make a killing making a friendly appliance. However, the thing that is stopping them is all this obsession with DRM. It isn't like this stuff is rocket science.
Complaining that it doesn't match an implausible ideal seems pointless.
But I just want an mpeg file. That is hardly implausible. Sure, if I wanted a service for $9.99 which included a free 52" plasma rental with on-demand viewing of any movie in HD that was ever made that would be a bit silly (at least today).
None of that provides any real obstacle to watching the show (which is the point of television, I thought).
Uh, how about the fact that I'd like to watch the show on my TV, and be able to re-watch it as I desire (for no additional charge). Watching it in low-res on a 15" PC monitor doesn't quite cut it. Nor does a set-top box that stops working the day I stop paying some fee, or which expires the shows 10 days after I download them.
Wouldn't it be neat if first-run movies played on my home TV, and there were no commercials on anything, and I could call up epsidoes of All in the Family to watch at will? I'd also like to have a pony.
Hey - I didn't say I wasn't willing to pay for the privilege of downloading these shows. I'm just not willing to pay for shows that I can't do anything with other than watch one time in a web-browser in one OS. If that is the requirement I'll just obtain my shows in some other way (DVR, DVD, etc). But, there is a market out there for anybody willing to cater to it.
Looking at my myth box I have about 25-30 shows programmed to record regularly. Now, granted we don't watch every single episode of every one of those, but most are probably watched every week. Factor in that this is a family of 4.
Assuming that on average a new episode is available for 20 of those shows in a typical week, that is $40 per week. My satellite bill is about $40/month for two tuners. $2/show is just way too much.
The math changes quite a bit when you put multiple people in the same household.
If you want to get really crazy you could share your programs with your family via mytharchive torrents. (With myth it is easy to export videos to an xml/mpg combination package that can be imported into another database with full metadata.) As long as you keep it among family/friends it should probably fall under fair use (obviously uploading to TPB could lead to trouble).
Only problem is that the download services are all DRM'ed to death and incompatible with mythtv. All I need is an MPEG-2/4 file and I'll be happy (especially if it has AC3 audio). I'm more than willing to pay - it could be a lot cheaper than satellite. Plus, the bitrates would probably be higher and I wouldn't have as many glitches in the program streams as when I record it myself.
The studios are nuts - people can bittorrent any show they want right now and get video without DRM. So, if they just offered it themselves they would capture a huge market. People would gladly pay a buck or two for a show just to be safe from lawsuits, avoid having to mess around with torrent sites, watch video download at 10KB/s, etc.
It's doomed to fail; only the NSA and other anal information agencies will use it fully.
Oh, on a side note - I'd use it. I love the idea of hardware-enforced security. If I could upload my own certificates into the TPM modules I could implement a number of features:
1. Run a rootkit-hunter that could reliably detect rootkits running in memory. 2. I could keep my ssl keys / etc locked up tight - no need for boot-up passwords, and yet no worries about people getting them off the drive. 3. I could use remote attestation to detect viruses/etc running on other PCs in my house. Maybe somebody in the house managed to install some malware (even without admin privs - local escalation hole or something like that) - I could cut that off at the firewall level. 4. If I were a business I could ensure computers browsing the internet had full patches.
All of this stuff is a good reason for trusted computing. As the owner of the computer and the holder of the keys I'm in control. The problem comes when I'm not the holder of the keys, and somebody else is doing the attestation.
I'd use TC in a second - but it needs to serve me - not some 4-letter association.
Right, but what are the odds on all of the software that is signed with those public keys being bullet-proof?
No software will be signed with any of those keys. The certificate only certifies that the chip implementing TPM is genuine.
The logic is that on bootup the TPM chip will hash the BIOS and store this has, and will provide a signed attestation upon request that this BIOS was booted.
The BIOS will then hash the OS that it boots and provide its hash upon request. The OS will do the same for a piece of running software.
A remote website will ask a piece of software for a chain of trust. The software will ask the OS for its hash, and the OS will ask the BIOS for its hash, and the BIOS will ask the TPM chip for its hash. All of these signed hashes will get sent to the remote website. The remote website will check all the hashes and decide whether to provide the software with a decryption key.
If the software is found to have a vulnerability it could be revoked at the server level. Obviously this will be a pain for anybody who owns that software, but TC isn't designed to make user's lives easy.
I agree that there are a bunch of issues with TC, but it will make extracting protected content a real pain. It might also make it harder for you to open your documents in open-source software. While you could always download an unprotected torrent of the latest movie release, you won't be able to find an unlocked torrent for the spreadsheet you created in MS Excel the other day.
My feeling is that we need legislation requiring the disclosure to computer buyers of ALL keys stored within them, and any related-keys that are needed to access features on those computers (such as any signing keys needed to flash the BIOS). And by disclosure I mean the keys themselves - not just the fact that they're there. Computer owners could use TC to secure their computers against hackers/viruses/etc, but 3rd parties couldn't use TC to secure computers against their legal owners.
Agreed - the US had control over the person, so all they wanted is approval from Russia to try him. They could have tried him with or without it (from a purely practical perspective). Unless Russia wanted to send in special forces there was no way he was getting out of the US.
In the present situation everything is reversed. The fugitive is on Russian soil, and unless the UK performs an invasion they aren't going to get him onto British soil. So, the exact same forces that tended to lead to the US having jurisdiction before are now leading towards Russia having jurisdiction.
Plus, in the US case the drunk driving was obviously not some Russian plot to kill random US citizens. In the UK case we don't know for sure who was behind the assassination, but it seems quite plausible that it was an official government action.
Mac OS X can run in a virtualized environment only once the checks for the hardware DRM are removed by a hack,
And this only works because MacOS X needs to be able to run offline.
Once your HD-DVD player is required to be hooked up to the internet to work, that hack will stop working. The key to your DVD won't be stored on the DVD - instead you'll download it each time you play it. However, the server hosting the key won't provide it unless you pass a TCPM check - if the hashes of the bios/OS/player aren't trusted the key won't be provided. Without defeating the physical security on the TCPM chip you won't be able to simulate/virtualize/emulate/whatever this handshake - it ultimately relies on a private key buried in the chip that never leaves it.
The private key for your motherboard will be - it will never leave a single chip. Sure, if you have the hardware you can in theory obtain it, but this will require stuff like electron microscopes.
You can't make it impossible - but you can make it REALLY hard.
They would use SSL. Most likely 1024/2048 bit keys. You won't guess them.
And the manufacturer wouldn't know your key either. Most likely the chip will generate its own keypair, store it in flash, give the manufacturer a CSR, which would then be signed and returned to the chip as a certificate. At this point the only copy of the private key is in the chip - at best the vendor knows the public key, which is no good for bypassing TPM.
Now, what you could do is get the manufacturer's signing key and make your own certificates. That would certainly work. However, it hasn't really happened yet in the SSL world, and there is no reason to think that it will happen in the future - those keys would be kept under close guard.
How many keys does the system support? They'd need an awful lot of them if they're going to encode every disc with one unique key per copy of software / hardware sold.
A billion keys isn't all that unrealistic a number. Sure, I guess it could be done, but it sure is an interesting approach.
Plus, in this particular case they wouldn't know the key for the piece of hacked hardware - they didn't disclose the software key - only the media keys.
And as an added bonus the MS utility will probably be smart enough to not waste backup space on copyrighted and DRMed media that the OS will refuse to play on reimaging anyway! :)
I don't think the issue is so much windows anymore as just a general lack of sane dependency handling in large-scale software applications (the kinds of programs that cost $1 million to buy, and where the vendors have 100 customers max). Often some service goes down, and if you just restart it things still don't work. The problem is that if you have 14 services running it can be a pain to pinpoint which one is down, and if they don't have dependency info set correctly the other services don't get recycled and they're still timing out trying to talk to the old service process. I don't know if windows handles dependencies all that well /etc/init.d/ style.
So, often the quickest fix is to reboot first - takes 2 minutes and fixes many of these sorts of problems quickly. Obviously this is assuming you've identified that the problem is some sort of server issue and not data related. If you have 14 services running it might be mathematically elegant to figure out which one is bad and restart them in the proper sequence, but rebooting gets rid of all the variables.
If vendors wrote better software we wouldn't need these sorts of hacks. On linux it wouldn't be tolerated, and in any case I could just edit the init.d scripts myself to fix the dependency info. However, in the world of windows we're stuck with what the vendors sell us...
For a Debian system, two hours is just too much.
If you are deploying a bunch of servers I agree that you don't want to spend days just putting an image on each one. However, a stage-3 install of gentoo only takes a few minutes, and then you just need to do any desired security updates. You can download binary packages if you need them, and you can also put your cached binary packages on a network share - so if you build with particular settings you can recycle across all your servers.
On a production environment, 10-15 minutes is really too much. Especially for minor upgrades (eg. security updates).
Agreed. If I'm doing an update that is time-sensitive (mysql, samba, etc) I'll build a package only initially, and then quickly down the daemon, merge the package, update configs, and start the daemon. And if you want you can easily try it all on a chroot first.
Personally, I love gentoo. If I were deploying a server I'd probably consider Debian first, but I don't have much Debian experience and there might be drawbacks there I'm not thinking of. I wouldn't consider gentoo totally unsuitable for servers, however.
Agreed - the thing that makes ICBMs so hard to destroy is their insane kinetic energy. However, it is this very same energy that makes them almost impossible to steer after boost phase. Short of actually detonating the warhead nothing is going to make it change direction more than a degree travellling at Mach 20+.
Entertainment publishers aren't going to start handing out files with no DRM attached, because (as you point out) there are so many P2P networks out there where it will immediately be distributed to the world.
How would that differ from what is happening now - when all the shows do have DRM?
So it's their fault that you bought a puny monitor for your PC, and your graphics card lacks a video-out jack?
Uh, how about the fact that I watch TV in my living room using a remote, and not in an office with a keyboard/mouse? I do have a video out jack as a matter of fact (granted, the PC sporting this isn't running windows), but I'd rather not run USB cables all over the house.
And as far as the limitations associated with DRM goes - just wait and see. At the very least if you wipe your computer and itunes is out of business you won't be able to watch your shows no matter how many backups you have.
If a zero-day worm is invading the whole company all kinds of short-term solutions become viable - shutting down email servers, firewalling all traffic, and killing every switch in a 20,000 employee site are are acceptable steps that can be taken to delay worm propagation.
.zi_ files with .ex_ files inside (just renamed extensions - not the ancient MS distribution method). Password-protected zips apparently are also safe (which boggles my mind - if anything those are the ones that should be blocked since they can't be scanned).
However, once signatures are updated and firewalls can properly filter traffic, none of these measures should be needed.
By now every email server in the world should know how to scan zip files and every file inside. Yet, at work we have bans on dlls and exes inside of zip files requiring partners to email
Companies should invest in their infrastructure a little so that they DON'T need to lock down every little feature on their computers and create user hassles...
I generally just use proxy bidding if I'm buying something with a single listing, and I don't worry about sniping. I put in what I'm willing to pay as my max bid, and if somebody bids a dollar more they're welcome to keep it. If you're getting sniped then you're not really putting in what you're willing to pay - since if you'd have bid a dollar more if you were present when being sniped then you were willing to pay more up-front.
That said, I would do some sniping myself in one particular situation. Imagine I want to buy some high-volume item - like a popular CD or video game or something. One listing is as good as the next within some parameters - so I have 47 listings to choose from. I only have a few choices:
1. Put in my genuine max bid on one listing. Next day I log in and find somebody outbid me by $20 on that listing (they might not even have been sniping), but an hour later in the middle of the night another identical listing sold for $10 less than my minimum. If I had bid on that item I'd have won and would have gotten it cheaper (maybe).
2. Put in my genuine max bid on all the listings. Next day I log in and find I'm the proud owner of 15 copies of the CD. Now I get to be a power seller.
3. Wait until each auction comes up and bid up to my max bid on each one until I get one. There is another name for this - it is called sniping. I get one item for what I was willing to pay, or none of them.
And you don't need to stay up late to snipe - just to run the right software. The only way to get rid of this (in my opinion very legitimate) use of sniping is to institute pooling of auctions of similar items. The problem is that items may very in quality - if I'm sniping I can flag 47 listings that I like and ignore 27 others that I don't like.
I think this is the main reason people snipe - otherwise they'd just put in a max bid and go away.
Here is my proposed solution:
Do everything like they're doing it now - but without the DRM. I can get any popular music track I want without DRM. I can download from P2P and risk getting sued, or I can pay a few cents to allofmp3 risk-free (sure, there is a lot of arguing over legalities, but a) if you're only downloading your liability would be minimal at best, b) you are paying something so it is a gray area, and c) unlike P2P it is really hard for a 3rd party to trace anyway without cooperation from the Russians). I'd rather buy from the copyright holder and be on firm legal ground getting a solid product, but I don't like DRM. Now, as a result I tend not to buy much music at all.
What good is DRM doing the music industry? iTMS is locked down and yet people still pirate everything on it. Every version of fairplay to date has been cracked in one way or another, and people can rip CDs as well. It only takes one ripped CD to provide the world with all the audio it needs.
DRM will probably never block content from becoming available online. It only hassles normal users. So, get rid of it.
The results? Simple:
1. Most people will buy Sony's music from sony.com, etc. They know what they're getting and that the artist is getting something (or at least they think the artist is getting something).
2. Sony could easily sell this music themselves if they don't need this huge DRM infrastructure - just offer up a storefront that downloads mp3s/etc.
3. The content available at gray-market or black-market sites WON'T CHANGE AT ALL - they already have all the tracks, and they'll still have all the tracks.
4. The RIAA can still sue P2P traders all they want.
5. Lots of new devices will spring up, now that you don't need all kinds of DRM licenses to play music. Lots of devices mean lots of music purchases. Manufacturers won't go too crazy with making it easy to distribute music - they're still open to lawsuits. But, you might see person-to-person file trading like you do on the Zune and stuff like that.
6. If RIAA stops ticking off the linux/FOSS community and other anti-DRM zealots you'll have less people with strong IT skills going out of their way to destroy their distribution model. If linux users can just download the latest tracks for 99 cents they won't spend 1000 hours making a music-trading plugin for tor/freenet/whatever. If your whole goal is technological control you don't want to tick off thousands of programmers.
Honestly, I think the RIAA will make more money if they ditch DRM - or at least they won't lose any more than they are already losing. I'm under no illusions that music will get made if there is no profit (sure, it will get made, but not like it does today). However, profit can be made with existing legal protections - we don't need all kinds of new processes just because of the internet.
Nothing wrong with apple coming up with a fancy non-standard interface for their iPod - but is there any reason they couldn't have also supported drag-and-drop.
My iAudio G3 came with fancy software - I never installed it. Instead I can just copy away with no trouble at all.
When I tried to load music on an iPod shuffle using itunes it was a major hassle. The software wouldn't transcode the audio automatically (it wasn't in mp3/aac). So, I batch-converted it in linux and put it on a network share to upload using itunes. That worked, but then if I deleted the aac files (which I no longer needed) it insisted on purging them from the ipod on the next sync. I couldn't find any way to prevent this. It was quickly returned and substituted for an iriver which supports the standard usb storage device protocol (plus it handles ogg natively - and when I transcoded iTMS songs to ogg I didn't need to keep them around either (which brings up my other pet peeve - not-so-fair-play and the need to jump through hoops to get the audio ripped into another format (such as burning to CD))).
I'm all for fancy software, but I'm also for keep-it-simple (ie use the standards every other piece of software supports) - users should have either option.
Sure it can - you just index files as they are copied over. It isn't like you're going to delete and re-upload your entire collection 14 times a day. Most likely you just add a few files at a time - the device reads them and store the info in a database.
The thing doesn't need to run mysql to keep track of a few fields. And most other mp3 players out there handle flash-drive-style copying just fine.
Oh, I'll agree with you there. If the networks eased up on the DRM they'd have hundreds of companies begging for distribution rights - and all kinds of innovative products that would help sell programming. Right now, however, a lot of stuff just doesn't get done because it is hard to fit into the DRM model. Plus, networks are shy to try ANYTHING new - I'm sure they'd ban DVRs if they could.
Although, looking at the top seller's on iTMS, it seems that most are popular programming, like Galactica or The Office, which leads me to believe that they don't have myth or a DVR, and probable that many are simply picking up "missed" shows.
Agreed - and if you don't have a DVR (or you have one that misses/loses shows) iTMS is the only game in town - so obviously they'll sell (that's the nice thing about monopolies).
And as long as you doing the math with myth you probably should deduct the price of a dedicated PC with tuner cards.
Agreed - this was a major factor in my decision to go myth. The dedicated PC wasn't a big deal - I just piggy-backed on the otherwise-dedicated linux server. I did end up paying for a diskless front-end though. Hardware costs for myth aren't really much worse than with any other DVR - you just can't benefit from the promotional subsidies. (Kind of like buying an unlocked cell phone without a calling plan.)
I'd gladly use something like iTMS to supplement my video collection, but it won't play on linux, it can't be added to my mythtv show collection, it won't play on the PC attached to the TV, it probably has all kinds of expiration and burning restrictions, etc. If they dropped the DRM they could make modules on DVRs that would just download shows with a single click from iTMS and they'd make an even bigger killing. Somebody would undoubtedly make a plugin for mythtv (they already have one for Netflix).
The thing is - I don't see what the DRM gets them. If somebody wants to download a show they can do that already - the DRM doesn't stop that now - it just hinders legitimate use.
With satellite, you're paying for the 6 months of the year when the networks are only playing re-runs.
There is always something on TV. While I typically have about 20 shows programmed they vary by season. With a number of people in the house the shows tend to vary more by season. And not all are first-run.
iTunes is still more expensive, but not "way more expensive."
$18/month is quite a bit - I could subscribe to two premium channels for that much, or add three more tuners to my DVR (not that I'd need them - a 3rd might be handy once in a blue moon although I'm working on getting HD off the air to transcode to SD for watching in the living room).
Plus, you don't have to skip around commercials or leave a computer on 24/7
The computer would be on 24/7 for any number of other reasons (file server, domain controller, webserver, mail server, NAT firewall, etc - or all of these at once in my case). It is a fairly nominal cost per month.
And with mythtv commercial skipping is just push-one-button - and you can even automate that. It doesn't get it right about 5% of the time, but then I can just jump 2 min at a time (and that is probably once every other show).
Not to mention that itunes won't work on linux, won't work on a diskless front-end, and the shows probably have all kinds of crazy expiration rules/etc. I also like being able to burn to DVD and watch on a plane or give an episode to a friend.
If I can hack all this stuff together in my spare time somebody could easily make a killing making a friendly appliance. However, the thing that is stopping them is all this obsession with DRM. It isn't like this stuff is rocket science.
Complaining that it doesn't match an implausible ideal seems pointless.
But I just want an mpeg file. That is hardly implausible. Sure, if I wanted a service for $9.99 which included a free 52" plasma rental with on-demand viewing of any movie in HD that was ever made that would be a bit silly (at least today).
None of that provides any real obstacle to watching the show (which is the point of television, I thought).
Uh, how about the fact that I'd like to watch the show on my TV, and be able to re-watch it as I desire (for no additional charge). Watching it in low-res on a 15" PC monitor doesn't quite cut it. Nor does a set-top box that stops working the day I stop paying some fee, or which expires the shows 10 days after I download them.
Wouldn't it be neat if first-run movies played on my home TV, and there were no commercials on anything, and I could call up epsidoes of All in the Family to watch at will? I'd also like to have a pony.
Hey - I didn't say I wasn't willing to pay for the privilege of downloading these shows. I'm just not willing to pay for shows that I can't do anything with other than watch one time in a web-browser in one OS. If that is the requirement I'll just obtain my shows in some other way (DVR, DVD, etc). But, there is a market out there for anybody willing to cater to it.
Looking at my myth box I have about 25-30 shows programmed to record regularly. Now, granted we don't watch every single episode of every one of those, but most are probably watched every week. Factor in that this is a family of 4.
Assuming that on average a new episode is available for 20 of those shows in a typical week, that is $40 per week. My satellite bill is about $40/month for two tuners. $2/show is just way too much.
The math changes quite a bit when you put multiple people in the same household.
If you want to get really crazy you could share your programs with your family via mytharchive torrents. (With myth it is easy to export videos to an xml/mpg combination package that can be imported into another database with full metadata.) As long as you keep it among family/friends it should probably fall under fair use (obviously uploading to TPB could lead to trouble).
Only problem is that the download services are all DRM'ed to death and incompatible with mythtv. All I need is an MPEG-2/4 file and I'll be happy (especially if it has AC3 audio). I'm more than willing to pay - it could be a lot cheaper than satellite. Plus, the bitrates would probably be higher and I wouldn't have as many glitches in the program streams as when I record it myself.
The studios are nuts - people can bittorrent any show they want right now and get video without DRM. So, if they just offered it themselves they would capture a huge market. People would gladly pay a buck or two for a show just to be safe from lawsuits, avoid having to mess around with torrent sites, watch video download at 10KB/s, etc.
It's doomed to fail; only the NSA and other anal information agencies will use it fully.
Oh, on a side note - I'd use it. I love the idea of hardware-enforced security. If I could upload my own certificates into the TPM modules I could implement a number of features:
1. Run a rootkit-hunter that could reliably detect rootkits running in memory.
2. I could keep my ssl keys / etc locked up tight - no need for boot-up passwords, and yet no worries about people getting them off the drive.
3. I could use remote attestation to detect viruses/etc running on other PCs in my house. Maybe somebody in the house managed to install some malware (even without admin privs - local escalation hole or something like that) - I could cut that off at the firewall level.
4. If I were a business I could ensure computers browsing the internet had full patches.
All of this stuff is a good reason for trusted computing. As the owner of the computer and the holder of the keys I'm in control. The problem comes when I'm not the holder of the keys, and somebody else is doing the attestation.
I'd use TC in a second - but it needs to serve me - not some 4-letter association.
They will be revoking software ALL the time then.
Just like they do already. Ever try to use an older version of Itunes?
Right, but what are the odds on all of the software that is signed with those public keys being bullet-proof?
No software will be signed with any of those keys. The certificate only certifies that the chip implementing TPM is genuine.
The logic is that on bootup the TPM chip will hash the BIOS and store this has, and will provide a signed attestation upon request that this BIOS was booted.
The BIOS will then hash the OS that it boots and provide its hash upon request. The OS will do the same for a piece of running software.
A remote website will ask a piece of software for a chain of trust. The software will ask the OS for its hash, and the OS will ask the BIOS for its hash, and the BIOS will ask the TPM chip for its hash. All of these signed hashes will get sent to the remote website. The remote website will check all the hashes and decide whether to provide the software with a decryption key.
If the software is found to have a vulnerability it could be revoked at the server level. Obviously this will be a pain for anybody who owns that software, but TC isn't designed to make user's lives easy.
I agree that there are a bunch of issues with TC, but it will make extracting protected content a real pain. It might also make it harder for you to open your documents in open-source software. While you could always download an unprotected torrent of the latest movie release, you won't be able to find an unlocked torrent for the spreadsheet you created in MS Excel the other day.
My feeling is that we need legislation requiring the disclosure to computer buyers of ALL keys stored within them, and any related-keys that are needed to access features on those computers (such as any signing keys needed to flash the BIOS). And by disclosure I mean the keys themselves - not just the fact that they're there. Computer owners could use TC to secure their computers against hackers/viruses/etc, but 3rd parties couldn't use TC to secure computers against their legal owners.
Agreed - the US had control over the person, so all they wanted is approval from Russia to try him. They could have tried him with or without it (from a purely practical perspective). Unless Russia wanted to send in special forces there was no way he was getting out of the US.
In the present situation everything is reversed. The fugitive is on Russian soil, and unless the UK performs an invasion they aren't going to get him onto British soil. So, the exact same forces that tended to lead to the US having jurisdiction before are now leading towards Russia having jurisdiction.
Plus, in the US case the drunk driving was obviously not some Russian plot to kill random US citizens. In the UK case we don't know for sure who was behind the assassination, but it seems quite plausible that it was an official government action.
Mac OS X can run in a virtualized environment only once the checks for the hardware DRM are removed by a hack,
And this only works because MacOS X needs to be able to run offline.
Once your HD-DVD player is required to be hooked up to the internet to work, that hack will stop working. The key to your DVD won't be stored on the DVD - instead you'll download it each time you play it. However, the server hosting the key won't provide it unless you pass a TCPM check - if the hashes of the bios/OS/player aren't trusted the key won't be provided. Without defeating the physical security on the TCPM chip you won't be able to simulate/virtualize/emulate/whatever this handshake - it ultimately relies on a private key buried in the chip that never leaves it.
Yes, but MAC addresses aren't kept secret.
The private key for your motherboard will be - it will never leave a single chip. Sure, if you have the hardware you can in theory obtain it, but this will require stuff like electron microscopes.
You can't make it impossible - but you can make it REALLY hard.
They would use SSL. Most likely 1024/2048 bit keys. You won't guess them.
And the manufacturer wouldn't know your key either. Most likely the chip will generate its own keypair, store it in flash, give the manufacturer a CSR, which would then be signed and returned to the chip as a certificate. At this point the only copy of the private key is in the chip - at best the vendor knows the public key, which is no good for bypassing TPM.
Now, what you could do is get the manufacturer's signing key and make your own certificates. That would certainly work. However, it hasn't really happened yet in the SSL world, and there is no reason to think that it will happen in the future - those keys would be kept under close guard.
The current crack isn't applicable to hardware players.
Well, sure it is - but it would be a lot harder to pull off.
How many keys does the system support? They'd need an awful lot of them if they're going to encode every disc with one unique key per copy of software / hardware sold.
A billion keys isn't all that unrealistic a number. Sure, I guess it could be done, but it sure is an interesting approach.
Plus, in this particular case they wouldn't know the key for the piece of hacked hardware - they didn't disclose the software key - only the media keys.