Tweet
It already has reduce usage based on Intel ME requirement. If I ever purchase a Intel laptop again, it will have ME disabled / removed from the likes of Purism and such. Even Google doesn't really trust ME since they have worked to replaced it with Coreboot. Might only be on the server side but client side, they should receive the same security benefits of knowing what your computer is actually doing too.
-
-
-
DRM is not and has never been about security...Originally posted by Danny3 View Post
It also does not limit your freedom per-se. It's just an extension of the will of the content provider, and you are not forced to buy that content by any means.
Comment
-
It does not work like that. The DRM handling system is in the GPU hardware and takes the encrypted stream from the application (for example Netflix or a Bluray reader application) and does not send it back to userspace, it goes straight to the screen/audio.Originally posted by sandy8925 View Post
See here. https://www.anandtech.com/show/2622/2 (yes, it's a bit outdated, now we are 10 years later and that thing is commonplace and implemented by every GPU)
HDCP is just a "protection" for a digital stream when it is inside the HDMI cable, to ensure that you won't send it to unauthorized recording devices or something.There's a reason HDCP exists - content publishers are so paranoid, they don't trust users' hardware or software.
It does nothing to protect the stream when it is still inside the PC.Comment
-
And that's what exactly what "Protected Content" in OpenGL and VK 1.1 (or more exact, "protected memory" function which is much wider than just textures, blocks of memory hidden not just from OS but entire "host" system with GPU going into halt on forced attempts to access them) is for, to keep it between the cable and a trojan application. It seems Khronos is now into the business of not-so-open standards. Add that to DRM being part of official HTML standard from W3C, you get yourself nice remote trojans with elevated privileges bigger than even root/system. Or at least they will be if that shit will use firmware commands instead of kernel APIs. Big Black Box purchased with your own money.Originally posted by starshipeleven View PostLast edited by dfx.; 08 March 2018, 08:48 PM.Comment
-
Yeah, I think I'll just take my HD movies from other sources without compromiseOriginally posted by bemerk View Post
Comment
-
Can someone explain to me what prevents me fdom modifying TV or other HDCP device to record the decrypted output? This whole DRM bull*hit is ridiculous... For example Deezer was also cracked, see Deezloader. It's impossible to present you a content and prevent you sharing it at the same time or am I missing something?Comment
-
I would expect to see a patch to this which disables HDCP, but lets the app think it's enabled. Because, it's my machine.Comment
-
That'd just prevent playback. The player hands the encrypted data to the locked-down code in the Intel ME and the ME will only let the decrypted movie frames out if if it successfully handshakes with the HDCP decoder in your display so it can re-encrypt them.Originally posted by willmore View Post
This is just about enabling the necessary pass-throughs for those two locked-down blobs to communicate with each other and spoofing the HDCP decoder in the display requires a digital signature vulnerability similar to what you'd need to break SSL/TLS.Comment
-
That's nice but there still may be vulnerable HDCP decoder (Apple said iOS is secure but has been jailbroken multiple times, same with Playstation and other devices). Worst case one can always intercept signals to the LCD panel - it would need to be re-encoded but most content consumers won't notice big difference. It's pointless. Maybe it will satisfy publisher managers and they will approve more content to distributed these new online ways, that would be good, otherwise it's pointless. But as long as it doesn't have to run untrusted big bloatware spying on my computing all the time, I don't care.
Comment
Comment