Slashdot Mirror


User: karmatic

karmatic's activity in the archive.

Stories: 0
Comments: 824

Comments · 824

  1. Re:Error: Order of Operations on Spam King and Family Dead In Murder-Suicide · · Score: 1

    It blows my mind that mods would moderate this as insightful instead of funny

    You must be new here.

    Slashdot no longer gives karma for "Funny", but does give karma for "Insightful". This can lead to situations where a combination of "funny" (which doesn't give karma) mods, combined with "overrated" mods (which aren't subject to metamoderation) can result in a loss in karma for a relevant, and funny, statement.

    As such, some people choose to mod funny things insightful.

  2. Re:A better sponsorship on Microsoft Sponsors Apache Software Foundation · · Score: 1

    A lot of us like permissions better than "User, Group, World". That's why a number of file systems support ACLs.

    man setfacl is your friend.

  3. Re:Electronic voting will never be safe on Diebold Patch May Be Evidence of '02 Election Tampering · · Score: 1

    That's why we should use electronic voting systems to print on paper ballots.

    A barcode can literally eliminate all scanning errors (CRC-32), you can include pictures, multiple languages, the blind can still get secret ballots, it's impossible to sell your vote, and you can verify your vote before it's counted. You can also do manual recounts if needed.

    Scanning machine can be written by another company - read ballot, scan barcode - no match, reject.

    Recounts are easy, too. Do batches of a hundred or so, and count by hand, then by machine. If there's not an EXACT match, re-do it until there is.
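
    The barcode-with-CRC-32 design and the two checks sketched above (a second vendor's scanner that rejects a barcode not matching the printed ballot, and a batch recount that must agree exactly), as an added example that is not the commenter's code or any real voting system's; the ballot layout (a JSON object of contest -> choice) is a constructed assumption.

```python
"""Ballot barcode with a CRC-32 integrity trailer, plus the two checks the
comment describes: a scanner that rejects any barcode that does not match the
printed ballot, and a batch recount that must agree exactly.
Added example; the ballot layout (a JSON object of contest -> choice) is a
constructed assumption, not any real voting system's format."""
import json
import zlib
from collections import Counter


def encode_ballot(selections: dict) -> str:
    """Serialize selections deterministically and append the CRC-32 as 8 hex digits."""
    payload = json.dumps(selections, sort_keys=True, separators=(",", ":"))
    crc = zlib.crc32(payload.encode("utf-8")) & 0xFFFFFFFF
    return f"{payload}|{crc:08x}"


def decode_ballot(barcode: str):
    """Return the selections if the CRC-32 trailer verifies, otherwise None (reject)."""
    payload, sep, crc_hex = barcode.rpartition("|")
    if not sep or len(crc_hex) != 8:
        return None
    try:
        expected = int(crc_hex, 16)
    except ValueError:
        return None
    # A single corrupted character in the payload always changes the CRC-32,
    # so a misread barcode is rejected instead of being counted wrongly.
    if zlib.crc32(payload.encode("utf-8")) & 0xFFFFFFFF != expected:
        return None
    try:
        decoded = json.loads(payload)
    except ValueError:
        return None
    return decoded if isinstance(decoded, dict) else None


def verify_ballot(printed_selections: dict, barcode: str) -> bool:
    """Scanner-side check: the barcode must decode AND match the printed text
    ("read ballot, scan barcode - no match, reject")."""
    decoded = decode_ballot(barcode)
    return decoded is not None and decoded == printed_selections


def machine_tally(barcodes: list, contest: str):
    """Count one contest from a batch of barcodes; returns (tally, number rejected)."""
    tally = Counter()
    rejected = 0
    for barcode in barcodes:
        selections = decode_ballot(barcode)
        if selections is None or contest not in selections:
            rejected += 1
            continue
        tally[selections[contest]] += 1
    return dict(tally), rejected


def batch_agrees(hand_tally: dict, barcodes: list, contest: str) -> bool:
    """Recount rule from the comment: the hand count and the machine count must
    match EXACTLY, and any rejected ballot means the batch is redone."""
    tally, rejected = machine_tally(barcodes, contest)
    return rejected == 0 and tally == hand_tally
```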

  4. Re:I've seen an effect on A Year of GPLv3 · · Score: 1

    If you are running around using the software I release, good for you. The license I use is a partially modified BSD license (no advertising clause).

    In short, I ask that if you use my code:
    - You recognize that I provide no warranties to the maximum permitted by law (some US states have different regulations regarding implied warranties, such as the implied warranties of merchantability and fitness for a particular purpose).

    - You leave the copyright notice intact. While I don't care if _you_ close-source your derivative work, I would at least like a chance for others to know where it came from - this way, they also have the freedom to obtain the source you started with, from me.

    - Don't use my name to endorse your product. If you want to take my product, and make something new - great! I just don't want you running around claiming that I support, or endorse, your product.

  5. Re:I've seen an effect on A Year of GPLv3 · · Score: 1

    the GPL 3 convinced me to use a BSD-style license for my projects. I want to share the code, not enforce political views I disagree with.

    I'm kind of partial to a modified MIT/BSD style license, with a clause stating that you can't use my name to endorse the product. I don't like the so-called "advertising" clause.

    My goal for the open-source software I create (outside my company) is to maximize utility - freedom is a nice side effect.

    Sure, someone can take my code, and make a commercial closed-source product out of it, and you would have a hard time modifying it. However, you have the freedom to get the source from me and do the exact same thing, something the GPL seems to forget.

    As a guy who makes a living selling software, it seems kind of hypocritical to complain that "oh no! someone's making money with free software!"

  6. Re:wow.. seriously? on Japan Imposes "Fine On Fat" · · Score: 1

    I'm 6'10, and weigh 210 pounds. Insurance companies don't want me; I'm too underweight. At a 36" waist I'm apparently too fat, too.

  7. Re:No Child Left Behind on Helping Some Students May Harm High Achievers · · Score: 1

    I usually had the highest score in the school district for [insert standardized test of the day here]. I was also insufferable, lazy, and tended to annoy my peers. They considered me (rightfully so) a nerd.

    My solution was to get better at fighting - it worked surprisingly well.

    In high school, there were two football players who wouldn't leave me alone. At one point, things escalated to a point where they got a couple of friends, held my arms behind my back, while one of them was going to "headbutt" me. After a kick to his stomach, and a scuffle that ended in a headlock that took 4 or 5 guys to pull me off, I ended up bruised and bloody, but they ended up worse.

    The surprising thing was that we (quite literally) got along fine after that (and not in a "I scare them" kind of way) - they respected force, and once they realized that I wasn't just "some nerd", they were more than willing to accept me as "one of the guys". Go figure.

    As a nice side effect, other people left me alone as well - I didn't get in any other fights my Junior or Senior years in high school.

  8. Re:For your convenience ... on Netflix To Eliminate Profiles Feature · · Score: 1

    "For your convenience, this branch will be closed Monday, mm/dd/yy, a legal holiday."

    For my convenience. Heartwarming, isn't it, how these folks are always looking out for us.


    Perhaps the sign was for your convenience, rather than the closing?

  9. Re:Thats what they get on Mass Effect DRM Still Causing Issues · · Score: 2, Informative

    DRM isn't REALLY about software piracy. I haven't known one person that has said "Hey! It is difficult to pirate this. I may as well just go buy it!".

    Well, now you do. Over the years, there have been a number of applications that fell into this category for me, from Windows to MorphVox, Trillian (wanted some of the addons) to (once upon a time) C&Cheat.

    The problem with DRM is that (if done poorly), the pirate copy is easier to get and more functional than the legitimate copy. This encourages users (through consequences) not to buy. This is bad.

    OTOH, some copy protection systems aren't overly invasive, and because of add-on content, multiplayer (games), etc., the paid version is more functional than a pirate copy. This gives people a reason to buy it.

    I sell software. I've sold software for years. Nagware and minimally invasive copy protection have (in my tests) brought in more sales, time and time and time again.

    The funny thing is that piracy can often increase sales. The added exposure can help bring in business, and the reduced risk (I'm not paying $X for software I've never used) makes for an easier sale. Someone who would never buy my customer costs me nothing if he pirates it.

    Greedy Corp X will still throw DRM at it because now they want you to pay for it for every machine you want to run it on

    Some companies do - some don't. We charge for different platforms, because (for example) the PalmOS and Symbian platforms are different players, and required separate development efforts. You can switch devices as much as you want - we certainly don't care.

    On the other hand, we're going to be rolling out widgets, and integrated applications for over 600 different devices. If you've got widgets, paid apps, whatever, we're not going to charge you extra to use it on any device it's compatible with. We only charge you for two programs if we had to write two programs.

  10. Re:2-part is smart on Gaining System-Level Access To Vista · · Score: 1

    Out of curiosity what kind of smart card are you using with it? It's worth noting that _many_ supposedly secure smart cards have been successfully opened (using various techniques), and their memory contents subsequently dumped.

    We use eTokens (USB and Smart Card) - they have the best support for Linux and OS X of any cards we tried. They also are nice in that you can force password change on first use (it prompts upon insertion), and save password policies to the card itself, rather than simply forcing the use of precustomized drivers.

  11. Re:...because on Slashdot on Gaining System-Level Access To Vista · · Score: 1

    We fear social contact so much we need to find hacks so we don't have to talk on the phone.

    Have you ever actually activated Windows over the phone? It is one of the most frustrating experiences I've ever had with a telephone system.

    You read off a long list of numbers, and if your connection quality isn't great (cell phones in my case), it gets it wrong and you have to repeat yourself.

    The usual reason I call is because I've reinstalled, and changed enough hardware that online activation fails.

    So, not only does online activation fail, but then the phone-based one fails, too. You have to fail the second activation before you're permitted to talk to a human, who grills you (often in very broken English) as to whether you have truly removed it from all computers it might be installed on.

  12. Re:VLC ASCII art codec on VLC Hits the Device Market · · Score: 1

    I had a laptop that simply wasn't fast enough to do DVDs in Linux (many years ago). It could barely handle it in Windows, and the drivers weren't as good for Linux.

    I ended up watching a number of DVDs in an AALib enabled version of Xine. This would have been around 6-7 years ago.

  13. Re:screwed. on Anti-Counterfeiting Trade Agreement · · Score: 4, Interesting

    Infowars and PrisonPlanet. Take their output, add to the mainstream media, divide by two and you might get a picture of reality.

    Well, how about another group of nutjobs - the "Federal Reserve". Since the CPI numbers are meaningless, and the GDP numbers are bogus (compare pre-Clinton and post-Clinton numbers for a good example why), let's look at the relative buying power of the US Dollar, since that's a lot harder to fudge.

    Here ya go.

    The numbers to look at are the Broad and Major Currency numbers. These indices are relative to a specific point in time (Jan 97 and Mar 73, respectively).

    So, looking at the most recent YOY data (APR-APR) - the US dollar has dropped 9.3% YOY compared to a broad group of our trading partners, and nearly 12% YOY when compared to other major currencies. Contrast this to a 4% YOY (broad) or a 4.7% (major) for the 12 month period before that.

  14. Re:Fire up the soldering irons... on Atari Founder Proclaims the End of Gaming Piracy · · Score: 1

    And anyway - there has to be some code that accesses the TPM chip, and that also means that given enough time and effort it's possible to circumvent it, or even simulate the TPM chip.

    That's why the TPM has sufficient functionality to verify its operating environment.

    That being said, there are a number of existing attacks, ranging from exploiting DMA to freezing and extracting the RAM.

    The TPMs also aren't required to have symmetric encryption, and RSA is too slow to enable full encryption in realtime. So, you're stuck having the symmetric key used only after the environment is considered "safe". The key is then stored in RAM and used to decrypt the software in realtime.

    Once this key is extracted, the software is relatively easy to break.

    For more fun, there are a number of TPM emulators already. The issue is that their endorsement key (created at manufacture) won't be able to participate in the "Direct Anonymous Attestation" because it lacks a key issued by a DAA issuer.

    I have personally seen a key used which was extracted from a major brand TPM manufacturer. This was one of the 1.2 TPMs (the older ones had a "Privacy CA" you had to trust to protect your privacy). It successfully passed the IBM battery of TPM tests.

    So, TPM-based copy protection is already broken. To detect this particular attack, you would have to use a watermark, and watermarks done in software are subject to removal, since they come after decryption. Even then, the best you can accomplish would be banning the "bad" TPM from online activities.

    Unless they want to force every game to be online-activated with a TPM check, and a watermark for all downloaded exes, and a blacklist for compromised TPMs, it will literally add nothing to the copy protection.

    How many people crack their own games? How many just grab the .torrent?

  15. Re:Remotely Authorized OS on Gaining System-Level Access To Vista · · Score: 1

    It's funny you should mention Windows. Windows uses Challenge-Response for its authentication. Instead of sending the password, you send "proof" you have the password.

    Doing this requires both the client and server to have the password, or in the case of windows, the password hashes (which are used as password equivalents). In other words, you don't actually need the password itself to connect to network resources.

    So, all you have to do is extract hashes from any machine on the domain, and you can use those hashes to authenticate anywhere on the domain. DMA attacks allow you to get full access to RAM, and you can extract whatever you want.

    So, instead of "change the local administrator password", it's "steal the local administrator password", and use it on any machine with the same password (or use Rainbow tables to get the password itself, typically in minutes if LANMAN hashes are enabled).

    In most environments I've seen, the local administrator password is the same for many, if not all, machines on the domain. I have a piece of software for my laptop that uses DMA in most (non-TI) firewire controllers to extract the administrator hash, and then inject a .dll which connects to all network hosts that hash is good at, and inserts a "shim" gina.dll. This shim allows for capture of other passwords, as well as the ability to bypass credentials entirely (you don't get access to EFS or shared passwords, though).

    All in all, a fairly stupid security model.

  16. Re:physical access == game over on Gaining System-Level Access To Vista · · Score: 2

    We've used the resources of our LAN to brute force a password a fired user placed on one of our assets.

    If you have LANMAN hashes on the local network, you can usually (well over 99.9% IIRC) get the password very quickly using the "alpha-numeric-symbol32-space" lanman rainbow tables available here.

  17. Re:2-part is smart on Gaining System-Level Access To Vista · · Score: 1

    Better yet use one of those FOBS with the rolling numbers and you cannot simply copy the device while the person sleeps. Those keyfobs (RSA SecurID, etc) typically work by having an encryption key shared in the device, and on a server. The device takes the key, does an AES (or whatever) operation on a sequential clock, and chops it down to 6 (or so) digits.

    The server then repeats this process, and uses the current time. Since these things don't have the world's most accurate clock, the server will often go back and forward a bit with the number, for a few minutes - this lets it figure out what time the device has. After a few logins, you know more or less what the clock skew and rate for the device are.

    This is good for a number of things, like web sites - users don't need to have special drivers or anything like that.

    It is not good for things like local login to a non-networked machine, as in order to do this, a full copy of the encryption key must be available on the device itself. It can't be encrypted, or it can't be used.

    Smart cards are designed to self-destruct before giving up their keys, and you can't "simply copy the device while the person sleeps".

    Personally, I have one of the Fujitsu Stylistic tablet PCs. It comes with a built-in fingerprint reader, and smart card reader. This lets me do three-factor authentication:

    Something I know (a password),
    Something I have (a smart card),
    and Something I am (a fingerprint).

    The fingerprint reader is a wedge-style, so you can't grab a latent print off of it. You could probably get one off the PC itself, and there are ways to bypass it, but it's a real pain.

    Bypassing the smart card gets to be very difficult, as the full-disk encryption prevents modification of the system while I'm not on it. You can completely replace the HD with something designed to grab my PIN, but I'd notice, and you still can't clone the smart card.
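
    The server-side clock-window check described in this comment (search a few steps back and forward, learn the device's skew from successful logins), as an added example that is not the commenter's code or any token vendor's algorithm. It assumes HMAC-SHA1 truncated to 6 digits (HOTP-style) in place of "AES (or whatever)", a 60-second step, a +/-3 step window, and a constructed shared secret; it tracks clock offset only, not drift rate.

```python
"""Server-side check for a time-based hardware token, as the comment sketches
it: search a few steps back and forward, learn the device's clock skew from
successful logins, and never accept a step twice.
Added example, not the commenter's code or any vendor's algorithm. Assumed:
HMAC-SHA1 truncated to 6 digits in place of "AES (or whatever)", a 60-second
step, a +/-3 step window, and a constructed shared secret."""
import hashlib
import hmac
import struct

STEP_SECONDS = 60   # assumed code lifetime
DIGITS = 6          # "chops it down to 6 (or so) digits"


def token_code(secret: bytes, counter: int) -> str:
    """Device side: MAC the clock counter with the shared key, truncate to digits."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return f"{value % 10 ** DIGITS:0{DIGITS}d}"


class TokenServer:
    """Holds the same secret and tracks what it has learned about the device."""

    def __init__(self, secret: bytes, window: int = 3):
        self.secret = secret
        self.window = window        # steps searched on either side of the clock
        self.skew_steps = 0         # learned offset of the device clock, in steps
        self.last_counter = None    # highest counter accepted so far

    def verify(self, code: str, now: int) -> bool:
        """Accept the code if it matches one step inside the window, then
        remember the offset so the window re-centres on the device's clock."""
        base = now // STEP_SECONDS + self.skew_steps
        for delta in range(-self.window, self.window + 1):
            counter = base + delta
            # Replay guard: a code for a step already used is never accepted,
            # even though it is still inside the window.
            if self.last_counter is not None and counter <= self.last_counter:
                continue
            if hmac.compare_digest(token_code(self.secret, counter), code):
                self.skew_steps += delta
                self.last_counter = counter
                return True
        return False
```

    Without the replay guard, the same window that tolerates clock skew would also let a captured code be reused for several minutes.
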

  18. Re:physical access == game over on Gaining System-Level Access To Vista · · Score: 5, Informative

    Or, you could just pay for that software you've pirated. See, no more pesky activation dialogs. But of course being Slashdot, that means that it's noble to somehow stick it to Microsoft. Did you actually read the parent? It's possible to get Vista into a state where you can't activate (online) because you lack networking drivers.

    Instead of using the incredibly painful phone activation, you can use this to install said LAN drivers and activate.

    If you're using a pirate copy, there's no pesky activation dialog either, and if you're using a crack, you don't really need LAN drivers to use it, do you?

  19. Re:physical access == game over on Gaining System-Level Access To Vista · · Score: 2, Insightful

    Most of my passwords range in the 10-14 character range, but I've found that users tend to have issues with anything that long.

    Our final solution ended up being fairly simple (for the users, it was a pain for me to implement) - Smart Cards.

    We disallow "stupid" passwords (1234, etc.), and the cards are set to lockout after 3 incorrect tries. When you only get 3 guesses, even a 4 character password is secure.

  20. Re:Some people don't eat after 12 noon on Fasting May Fix Jet Lag · · Score: 2, Interesting

    Sure, you're sitting all day and not expending much energy. But one thing you discover is how much better you sleep on an empty stomach.

    One man's meditation camp is another man's torture. I eat 4000-6000 calories per day, and cannot sleep while hungry. I'll typically have a nice large meal (a bunch of pasta, some veggies, fruit, some protein) around 2AM, and fall right asleep. If I don't eat, I can't sleep.

    And no, I'm not overweight - my BMI (or whatever the insurance companies use) is so low that I've been turned down repeatedly for insurance for being underweight. Nothing like being 6'10" and 175 pounds.

  21. Re:twm for me on Moving Toward a Single Linux UI? · · Score: 1

    It annoys me when I install programs like ImageMagick and they require libgnome. Why? I don't run Gnome, why should the program require it?

    That's a lot of what led me to gentoo. Binary packages make decisions as to what is or isn't supported, or try to hack around it with a bunch of subpackages (php-ldap, php-mysql, php-pgsql, etc. for example.)

    In gentoo, there are what are called "use flags" - these specify what features do or don't get installed.

    So, you can globally set "X -gtk -qt -gnome -kde", and things that don't absolutely require them won't attempt to use them, or pull in dependencies.

    Here's an example (on the extreme end - most people don't go through this customization) with my PHP config on my server:

    [ebuild R ] dev-lang/php-5.2.6_rc4 USE="apache2 bcmath berkdb bzip2 cli crypt curl gd gdbm gmp hash iconv imap ldap ldap-sasl mhash mysql ncurses nls pcre pic posix postgres readline reflection session simplexml spell spl sqlite ssl tidy tokenizer truetype unicode xml xsl zlib (-adabas) (-birdstep) -calendar -cdb -cgi -cjk -concurrentmodphp -ctype -curlwrappers -db2 -dbase (-dbmaker) -debug -discard-path -doc (-empress) (-empress-bcs) (-esoob) -exif -fastbuild (-fdftk) -filter (-firebird) -flatfile -force-cgi-redirect (-frontbase) -ftp -gd-external -inifile -interbase -iodbc -ipv6 (-java-external) -json -kerberos -libedit -mcve -msql -mssql -mysqli -oci8 -oci8-instant-client -odbc -pcntl -pdo -qdbm -recode -sapdb -sharedext -sharedmem -snmp -soap -sockets (-solid) -suhosin (-sybase) (-sybase-ct) -sysvipc -threads -wddx -xmlreader -xmlrpc -xmlwriter -xpm -yaz -zip -zip-external"

    Gentoo has rather minimal defaults, and I have my own. I further customized using a line like the following:

    dev-lang/php apache2 bcmath curl gd gmp hash imap ldap ldap-sasl mhash posix simplexml tidy tokenizer truetype xml xsl mysql nls

    This set those flags for PHP only.

    As such, gentoo knew exactly what features I wanted added, what libraries were needed to make it happen, and downloaded and compiled as needed, setting compile flags as appropriate. Unnecessary support is disabled at compile time, instead of using hacks like package.d directories and a crapload of plugins.

  22. Re:Damage Control on CoreCodec Apologizes For CoreAVC Takedown · · Score: 1
    How can someone have a good faith belief that they directly verified something that is demonstrably false?

    He downloaded the code. It has a reverse-engineered approach to dealing with copy protection. He stated "We have directly verified by downloading the file from the Site provided by Google Inc. that the file does include CoreCodec's copyrighted Software." Having talked to him, he felt that the reverse-engineered code was, in fact, a "Derivative work", and that our code would apply - much the same way that the GPL applies to derivative works. The code (obviously) is dependent on CoreAVC, and does some things that don't constitute an "arms length" transaction.

    There isn't really an exact way to determine what is, and isn't, a derivative work. To quote the GPL Faq:

    What constitutes combining two parts into one program? This is a legal question, which ultimately judges will decide. We believe that a proper criterion depends both on the mechanism of communication (exec, pipes, rpc, function calls within a shared address space, etc.) and the semantics of the communication (what kinds of information are interchanged).


    So, there's an argument to be made that it was, in fact, infringement. This was his "good faith" belief, however wrong it may have been.

    That being said, he still took the wrong approach to dealing with this. When we found out what had happened, we did everything in our power to make it right, and make sure it didn't happen again.

    He did swear that it contained CoreCodec's copyrighted code.

    No, actually, he didn't. Here's what he said:
    I hereby confirm that I have a good faith belief that use of the Software in the manner described in this letter is not authorized by the copyright owner, its agent, or the law, and that, under penalty of perjury, I am authorized to act on behalf of CoreCodec, Inc., the owner of the exclusive rights in the Software that are allegedly infringed.

    I would not have been able to sign this, as I believe that this activity was protected by case law and the DMCA allowances for reverse-engineering, even given the narrow scope which the court limited it to with DeCSS. The law is, however, open to interpretation. Regardless of whether or not it _could_ be taken down, or whether it was or was not permitted under US law, _we_ shouldn't have taken it down. That's why we fought to get it back up. Our policy is to go after pirates, not customers, regardless of a single mistake made by an employee.

  23. Re:DMCA allows it for interoperability on CoreCodec Apologizes For CoreAVC Takedown · · Score: 1

    And do you MAKE a library for use in Linux?

    No.

    So it is for interoperability.

    But then either you knew that and therefore lied or didn't check in which case Svartalf's point is correct.


    No, I'm quite familiar with the reverse-engineering provisions of the DMCA.

    If you will recall, the purpose of DeCSS was to be used to enable playback on alternative operating systems, specifically Linux, for which no player was available. The courts still held that it was a circumvention device, and did not qualify for the interoperability exemption.

    As such, this would ultimately be a matter for the courts to decide, but it doesn't really matter, since the DMCA takedown violated our policy, and shouldn't have been sent. We have given them permission, making the point moot - the prohibitions in the DMCA no longer apply to that project anyway.

  24. Re:Zero Tolerance for Companies Like This on CoreCodec Apologizes For CoreAVC Takedown · · Score: 1

    I've said this a number of times, but here we go again:
    1) DMCA requires you to have a "good faith" belief that your rights are infringed
    2) DMCA requires you to certify "under penalty of perjury" that you represent the party whose rights are infringed.
    3) CoreAVC for Linux breaks copy protection, potentially making it a circumvention device under the DMCA.

    The takedown was legal, and our rights were infringed under the law.

    That being said, the law is wrong, and the DMCA is a bad law. The takedown shouldn't have been sent, as the purpose of the software was not piracy.

    My experience with companies like this is if they do it once they'll do it again. Maybe not another fake DMCA (too much damage control when caught) but they will do something else like change the licensing terms, abandon the work, leave paid customers high and dry, start suing customers... Something.

    I am a director in the company, and my take on IP is clear. We stopped selling CoreAVC for months because of issues with Vista - if we can't sell a good product, we won't sell it at all.

    As for the licensing terms, CoreCodec products should be shipped without any form of EULA. If you read my post above, I remove them whenever I find them. They aren't necessary, and are detrimental.

    We have no intention of suing the customers, and have turned down companies looking to buy us. We did so not because there wasn't enough money involved, but rather the purchase was to "make us go away", and that would have hurt the products and our customers. That's right - I personally (along with others in the company, including the CEO) have walked away from significant amounts of money because I care about the product, and the customers.

    Yeah, we make mistakes sometimes. After sending hundreds of DMCA takedowns to rapidshare, forums, codec packs, etc, we screwed up and sent one that shouldn't have been sent, even though they did violate the DMCA. It was a legal takedown, but it was sent to someone it shouldn't have been. I reamed the CEO a new one, we apologized publicly, had the project reinstated, gave them an exemption to ensure that the project is legal, and put controls in place to make sure it can't happen again.

    What more can you reasonably expect?

  25. Re:What they are really saying.... on CoreCodec Apologizes For CoreAVC Takedown · · Score: 1

    What they are really saying is that they've already spoken with their legal team to find out what steps are needed to cover their asses in case of a backlash of re-percussive actions that can result. More lawyer mumbo-jumbo again.

    Uh, no.

    CoreAVC for Linux breaks copy protection. This potentially makes it illegal under the DMCA. As such, a takedown was sent. There is not, and has never been, any potential for legal recourse, as the takedown notice was legal, and valid. The DMCA is still a bad law.

    It was, however, wrong. The employee broke policy - we go after pirates, not customers.