Certainly. But that is not the sort of piracy DRM is meant to stop (in as much as DRM is supposed to stop piracy).
That was sort of my point -- your average user committing casual copyright infringement isn't doing it by capturing the digital output stream of their monitor (in fact, I doubt most people have the hardware to make a decent quality copy -- even if they could plug their DVD player in and have it record, they'd get degraded AV to about DVD quality anyway! And I suspect that even those who do are foiled by the 'this shouldn't be copied' flag or the macrovision-encoded video that I assume they can output). The seasoned pro doesn't care whether it's HDCP-protected or not - so who, exactly, is this system aimed at preventing on the computer-side? It sounds more like wasted developer time that could be spent optimising existing code or improving driver quality
Certainly the DRM omponent already stops casual copying, but I just don't see how the degraded quality over non-HDCP improves the value proposition of the DRM system - unless you're selling it to suits who assume the DRM is an unbreakable component and that those pesky unencrypted digital video streams are the only thing between them and big bucks.
Youtube and P2P provide high definition, professionally produced, legal content ?
Certainly P2P provides high definition, professionally produced content. If the computer industry didn't bow down to the MPAA, anyone who wanted to play content on their computers would probably just pirate it (with some exceptions, obviously)
Of course, all these degraded audio/video paths are pointless - it's not Joe Regular on a Vista machine trying to capture the video of Superman from his DVI port and the audio from his SPDIF port. The well-organised pirates that rip these things will just get a HDCP removal box, break/exploit the DRM system behind the video or find a flaw in a hardware player to exploit.
As I see it, this downgrading is only making it more awkward for Joe Regular to buy a computer that will play content without it being degraded. So he's more likely to go to <insert torrent site here> or just watch it on a TV. The former hurts the MPAA, the latter hurts the computer industry
Nothing they've talked about would explain why it requires Vista... it's an API for talking to your graphics card, not some mystical operating system component like Internet Explorer!
RSA SecurID is an excellent "what you have". It displays a number that changes every minute, so there's no need for a special interface. Your server has the seeds, so it can figure out what number's being displayed on a given SecurID at any given moment in time.
Cisco make some pretty hard-wearing equipment, but I'm not sure they make anything capable of withstanding 2000 degree heat. Perhaps you should be talking to a consultant that specialises in industrial and extreme condition networking instead of slashdot?
...which is the very first change I made in Vista -- it's my computer and I won't have the operating system disallow me from copying a backup of Firefox from the network to my machine when I'm an administrator (you cannot copy from a network share to Program Files. You must copy to your Documents folder and then move from there to Program Files). This and it constantly bringing up another dialog box to confirm that I actually meant "yes" when I clicked "yes" while I tried to delete a few shortcuts in my start menu. I like apple's approach: if necessary, ask for your password again, otherwise just make the damn change
Me too -- I made liberal use of the oldnews tag for this article. Gigabyte have been selling them since (at least) July 2006 when the Core 2 Duo was released
It's a good point -- to the public it's all about the perception of the science, not the actual science. I suspect lots of people will see "stem cell" and react immediately. Hopefully lots of other people will be more reasonable.
I don't think there's any way to make it look as harmless as a cheek scraping, though -- from my meagre understanding, there's still a risk involved with going into the amniotic sack - any medics able to comment further?
If I am typing a document, picking up and clicking through God-knows-what is not helping.
Speaking as someone who didn't see the difference between Office 97 and Office 2003 either, you should give the new Office interface a go - it does make a lot more sense (there wasn't much learning going on, beyond a 1-hour learning curve with annoying discoveries like: the office logo at the top left isn't just there to look pretty
Office 2007 reminds me of Apple's Pages, which has a nice interface (although not an amazing one. Hopefully in the next version)
Microsoft is not a user, your xbox example is about preventing users from using their own system
It's always seemed to me that in DRM, the end-user isn't really the user in the system's spec. Although terminologically, the "user" is still setting the vm restrictions... just for a different value of user:-)
None of this requires a VM at all, its just things that have been implimented in existing VMs. That does not preclude them from being implimented without a VM.
Well that's certainly true, but VMs do have the nice side-effect of having to compromise VM and OS security (as well as allowing heterogeneous real environments). I still maintain it'd be incredibly difficult to implement a native code security policy compared to a VM security policy
I'd have to disagree -- I see your point that technically there's no reason to trust the VM (you don't need to trust the compiler since your VM verifies the code anyway, and you make the decision [at least theoretically] to trust an app to access certain parts of your system), there is however, I think, reason to trust the VM: the vendor's reputation lies with the security and integrety of their vm (and their trusted libs).
A good example of this is Microsoft's XNA system: it lets programmers run.NET bytecode on the xbox 360. They have restrictions in place in the vm (such as denying ethernet and dvd access). They don't trust the programmer or the compiler, but the VM ensures that nothing bad happens. They don't allow PowerPC code -- I assume this is because it'd be very difficult (to impossible) to prevent native code from doing what it wants (the.NET bytecode is jitted, so I don't think they went the.net route to degrade homebrew performance). If their VM was compromised they'd be screwed, because the first native instructions would probably be lilo
Except you have to trust the compiler to emit that code; the security is essentially for the benefit of the program, not the user. Having all that extra information (and the ability to selectively deny some bytecode from being executed) is what really sets the VM above a natively compiled app. Doing the same with x86 would be very complex (and as a result probably very easy to bypass)
due to the ease with which you can quickly develop a user-interface for the system
I was wondering about this too, but I imagine (and sorely hope!) that they develop any space-related software using formal methods, which would probably discard any idea of development speed
Nothing against Java, it just wasn't my impression that it was used for any NASA stuff
Apparently they have quite a lot of Java software for their client-side apps too. It's an interesting sort of history: they seem to have inspired Gosling to a degree, and they mainly chose Java because of platform agnosticism (I'm guessing they run a lot of different processors on their missions). I'm guessing the safety of Java compared to C is also handy.
While I know you're making a joke, other people might be interested - they run VxWorks and the flight control software is written in Java. NASA are pretty fond of VxWorks - it pops up in lots of their projects
You might as well build native x86 code linked against Windows libraries for all the portability you have
I don't think that portability's a feature of.NET... I think that its great runtime safety checks & logical std library are the major thing it brings to the table.
The portability thanks to Mono's just an added benefit for some of us
There is a warehouse with $450 million of Susan B. Anthony dollars, still legal tender, in it because the government doesn't wanna go oops, -$450 million to any year's budget.
Completely false. About 900M of them were produced in 1979 and 1980, most staying in the vaults until the 90s when most vending machines tried to give dollar coins as change where possible. They used the reserves until 1999, when they ran out. Instead of waiting for the coins due to be minted in 2000, they minted some more SBA dollars (although of a different colour).
This numismatic lesson brought to you by a bleedin' foreigner
Assuming you're not Bruce Schneier making a joke, the point of quantum cryptography is to try and bring perfectly mathematically secure encryption to a point-to-point connection. Normal encryption is good enough but not perfect (i.e. given an infinite amount of time and money, you can break any standard encryption algorithm)
The only perfectly secure algorithm is one where the key is:
The same length as the key (or "never reused, even within the message" if you want to think of it that way)
Completely Random
A one time pad satisfies this (and that's the basic idea Quantum Cryptography is based on
Because the resulting ciphertext then is just as random. The problem is that you've replaced a secret with another secret of the same size -- which is only a benefit if you've securely transported a briefcase with a copy of the random key you used.
In terms of practical application for you and me, encrypting traffic with VPNs is practical and really secure. Quantum Cryptography depends on being physically point-to-point, which is its flaw... making it unsuitable for most communication
Of course, there are better ways to find secrets sent across a perfectly secure link. Like infiltrating the organisation and reading the secret on the noticeboard:)
The article seems to say they only use Microsoft solutions to provide their security. I'm surprised they don't even have a little something from RSA. Is their solution that good (jokes aside!), or are they just suffering from major Not Invented Here syndrome?
Slashdot Mirror
Certainly. But that is not the sort of piracy DRM is meant to stop (in as much as DRM is supposed to stop piracy).
That was sort of my point -- your average user committing casual copyright infringement isn't doing it by capturing the digital output stream of their monitor (in fact, I doubt most people have the hardware to make a decent quality copy -- even if they could plug their DVD player in and have it record, they'd get degraded AV to about DVD quality anyway! And I suspect that even those who do are foiled by the 'this shouldn't be copied' flag or the macrovision-encoded video that I assume they can output).
The seasoned pro doesn't care whether it's HDCP-protected or not - so who, exactly, is this system aimed at preventing on the computer-side? It sounds more like wasted developer time that could be spent optimising existing code or improving driver quality
Certainly the DRM omponent already stops casual copying, but I just don't see how the degraded quality over non-HDCP improves the value proposition of the DRM system - unless you're selling it to suits who assume the DRM is an unbreakable component and that those pesky unencrypted digital video streams are the only thing between them and big bucks.
Certainly P2P provides high definition, professionally produced content. If the computer industry didn't bow down to the MPAA, anyone who wanted to play content on their computers would probably just pirate it (with some exceptions, obviously)
Of course, all these degraded audio/video paths are pointless - it's not Joe Regular on a Vista machine trying to capture the video of Superman from his DVI port and the audio from his SPDIF port. The well-organised pirates that rip these things will just get a HDCP removal box, break/exploit the DRM system behind the video or find a flaw in a hardware player to exploit.
As I see it, this downgrading is only making it more awkward for Joe Regular to buy a computer that will play content without it being degraded. So he's more likely to go to <insert torrent site here> or just watch it on a TV. The former hurts the MPAA, the latter hurts the computer industry
Nothing they've talked about would explain why it requires Vista... it's an API for talking to your graphics card, not some mystical operating system component like Internet Explorer!
RSA SecurID is an excellent "what you have". It displays a number that changes every minute, so there's no need for a special interface. Your server has the seeds, so it can figure out what number's being displayed on a given SecurID at any given moment in time.
Cisco make some pretty hard-wearing equipment, but I'm not sure they make anything capable of withstanding 2000 degree heat. Perhaps you should be talking to a consultant that specialises in industrial and extreme condition networking instead of slashdot?
In fact, not only do they have a Mac version today, but they've had a Mac version for over 3 years!
Why run the windows version when they sell a native mac version?
...which is the very first change I made in Vista -- it's my computer and I won't have the operating system disallow me from copying a backup of Firefox from the network to my machine when I'm an administrator (you cannot copy from a network share to Program Files. You must copy to your Documents folder and then move from there to Program Files). This and it constantly bringing up another dialog box to confirm that I actually meant "yes" when I clicked "yes" while I tried to delete a few shortcuts in my start menu. I like apple's approach: if necessary, ask for your password again, otherwise just make the damn change
Me too -- I made liberal use of the oldnews tag for this article. Gigabyte have been selling them since (at least) July 2006 when the Core 2 Duo was released
It's a good point -- to the public it's all about the perception of the science, not the actual science. I suspect lots of people will see "stem cell" and react immediately. Hopefully lots of other people will be more reasonable.
I don't think there's any way to make it look as harmless as a cheek scraping, though -- from my meagre understanding, there's still a risk involved with going into the amniotic sack - any medics able to comment further?
Perhaps the grandparent is suggesting a long-term evaluation...
Speaking as someone who didn't see the difference between Office 97 and Office 2003 either, you should give the new Office interface a go - it does make a lot more sense (there wasn't much learning going on, beyond a 1-hour learning curve with annoying discoveries like: the office logo at the top left isn't just there to look pretty
Office 2007 reminds me of Apple's Pages, which has a nice interface (although not an amazing one. Hopefully in the next version)
Why oh-why is there no "+5 Horrified"?
It's always seemed to me that in DRM, the end-user isn't really the user in the system's spec. Although terminologically, the "user" is still setting the vm restrictions... just for a different value of user :-)
Well that's certainly true, but VMs do have the nice side-effect of having to compromise VM and OS security (as well as allowing heterogeneous real environments). I still maintain it'd be incredibly difficult to implement a native code security policy compared to a VM security policy
I'd have to disagree -- I see your point that technically there's no reason to trust the VM (you don't need to trust the compiler since your VM verifies the code anyway, and you make the decision [at least theoretically] to trust an app to access certain parts of your system), there is however, I think, reason to trust the VM: the vendor's reputation lies with the security and integrety of their vm (and their trusted libs).
A good example of this is Microsoft's XNA system: it lets programmers run .NET bytecode on the xbox 360. They have restrictions in place in the vm (such as denying ethernet and dvd access). They don't trust the programmer or the compiler, but the VM ensures that nothing bad happens. They don't allow PowerPC code -- I assume this is because it'd be very difficult (to impossible) to prevent native code from doing what it wants (the .NET bytecode is jitted, so I don't think they went the .net route to degrade homebrew performance). If their VM was compromised they'd be screwed, because the first native instructions would probably be lilo
Except you have to trust the compiler to emit that code; the security is essentially for the benefit of the program, not the user. Having all that extra information (and the ability to selectively deny some bytecode from being executed) is what really sets the VM above a natively compiled app. Doing the same with x86 would be very complex (and as a result probably very easy to bypass)
I was wondering about this too, but I imagine (and sorely hope!) that they develop any space-related software using formal methods, which would probably discard any idea of development speed
I was meaning more of a "do no evil" sandboxing safety check: allowing you to restrict file IO, etc. on a per-method basis
While I know you're making a joke, other people might be interested - they run VxWorks and the flight control software is written in Java. NASA are pretty fond of VxWorks - it pops up in lots of their projects
I don't think that portability's a feature of .NET... I think that its great runtime safety checks & logical std library are the major thing it brings to the table.
The portability thanks to Mono's just an added benefit for some of us
Completely false. About 900M of them were produced in 1979 and 1980, most staying in the vaults until the 90s when most vending machines tried to give dollar coins as change where possible. They used the reserves until 1999, when they ran out. Instead of waiting for the coins due to be minted in 2000, they minted some more SBA dollars (although of a different colour).
This numismatic lesson brought to you by a bleedin' foreigner
The only perfectly secure algorithm is one where the key is:
- The same length as the key (or "never reused, even within the message" if you want to think of it that way)
- Completely Random
A one time pad satisfies this (and that's the basic idea Quantum Cryptography is based onBecause the resulting ciphertext then is just as random. The problem is that you've replaced a secret with another secret of the same size -- which is only a benefit if you've securely transported a briefcase with a copy of the random key you used.
In terms of practical application for you and me, encrypting traffic with VPNs is practical and really secure. Quantum Cryptography depends on being physically point-to-point, which is its flaw... making it unsuitable for most communication
Of course, there are better ways to find secrets sent across a perfectly secure link. Like infiltrating the organisation and reading the secret on the noticeboard :)
I thought someone was donating money for another Chucky movie...
The article seems to say they only use Microsoft solutions to provide their security.
I'm surprised they don't even have a little something from RSA. Is their solution that good (jokes aside!), or are they just suffering from major Not Invented Here syndrome?