Announcement

Collapse
No announcement yet.

Suppressing The Concerns Over HDCP Content Protection For Intel's Linux DRM Driver

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • #31
    Originally posted by Luke View Post
    I make a point of not being one of your customers, nor one of any of the other sellers of paid and DRM'ed media. I don't know what part of "the infrastructurer" you claim to own, but you do not own our computers and only own some of the ISP's at most. Since you do not own and did not pay for my hardware, I don't owe you anything in terms of controlling it and am free to avoid both hardware and software that deny me control of m own property.
    FYI - We provide entertainment systems to hotels/mines etc - we own the set top box (STB) and the distribution of media.
    Also, there are lots of things in the Linux kernel that you will never use / have use for / want, your argument of not wanting it yourself is not a solid one.

    Originally posted by Luke View Post
    That said (as I said on another post), if you write code you use for DRM that I have another use for (e.g. disabling screenshots by malware while encrypted chat, encrypted email, or sensitive video editing is going on), and that code is released under the GPL or a similar license I won't hesistate put it to this alternate use.
    All very good uses
    Originally posted by Luke View Post
    DRM itself has both the "too many users in the group" problem and also often to "too few possible keys in use" problem at some level to really secure anything, unless your objective is limited to getting a couple weeks of lead time before your product goes to bittorrent. I will bring back the example of distributing a pre-release copy of a movie to reviewers without it ending up on bittorrent. I could insist each reviewer use my PGP key to send me a 35 random character passphrase, and send (online or sneakernet, it makes no difference), a disk image with a LUKS encrypted volume containing BOTH the OS and the video file to watch. That's about as secure as it gets-except any crooked reviewer still has their copy of the key plus everything encrypted with it.

    OK, so you provide the key yourself, and find some way to send it encrypted and hide it from the user, and still have a different key for every user. The machine still had to run to use the key, and some piece of hardware has to have the decrypted key in some kind of memory or register. Even hardware curtained RAM etc would only slow this down. Possible attacks include things like altering signed binaries and/or signed drivers after they have been loaded, plain old buffer overflows, hardware exploits, that sort of thing. Remember: posession=ROOT, and no computer can ever be simultaniously trusted by two mutually opposing parties.

    You would have to provide the entire locked-down system plus a network that refuses all other connections (really own the infrastructure) and probably keep everything but the screen, mouse, and keyboard physically out of the user's home. Even then, the mouse and keyboard might be enough for root, with the end user effectively sitting at the console but all USB ports glued shut, etc.
    Yes, there are lots of weaknesses in the distribution of media (many of the perpetrated by the studios themselves - we have had to argue with them that our system that does not reuse the same encryption key for all content is actually more secure than their standard!).

    All this DRM we have to comply with is doing is preventing your average user from making unauthorised copies. you raise the bar from 0% to 20% and 80% of users stumble.

    my argument is that HDCP, while flawed, is used by a lot of companies. having it available for those that need it is better than having it out of tree where it has not passed the public review and contains bugs and security flaws.

    Comment


    • #32
      Too bad the title used the phrase, "Suppressing The Concerns...", because it played right into the whole "EVIL DRM" meme. Using "Easing The Concerns..." might have played better.

      On the side, and I believe others have made this point, if this merely enables existing hardware features, it may be annoying but it's not a problem. If it puts "protected blobs" into my kernel, that's entirely different.

      Comment


      • #33
        Originally posted by kravemir View Post

        If users weren't fucking morons violating author's rights, then there wouldn't be any need for DRM in first place.

        ​​​​​
        That's fallacy. Using same argument, you can say, everyone should be policed and wear handcuffs just in case, because of morons criminals around. If you support this idea, you are proponent of the police state methodology. That's what DRM is trying to push on everyone. It's unacceptable.

        Comment


        • #34
          Originally posted by ssokolow View Post

          Even that conception of "author's rights" is based on industry propaganda. For most of human history, "cultural artifacts" enjoyed no copyright-like protection.

          Copyright began as a censorship pact between the crown and the printer's guilds. ("You refuse to print stuff we don't like and we'll throw anyone else who uses a printing press in prison.")

          When U.S. copyright began, it was specifically designed to incentivize more content entering the public domain with the following restrictions:
          1. It was opt-in, not opt-out.
          2. The constitution specifically grants congress the ability to enact copyright laws "to promote the Progress of Science and useful Arts, by securing for limited Times to Authors and Inventors the exclusive Right to their respective Writings and Discoveries." (emphasis mine)
          3. The original U.S. copyright law only applied to "maps, charts, and books".
          4. Original copyright law was for 14 years with the ability to renew for another 14.
          5. Music became copyrightable as a creeping process via "printed compilations of sheet music qualify as 'books'" and "If sheet music is copyrightable, recorded music should be too".
          Recipes, fashion designs, and jokes still aren't copyrightable, yet restaurants, clothing companies, and comedians still turn a profit. (Brand-name clothing companies tend to rely on trademark law by prominently featuring their own logos.)

          ...and why should art and culture be copyrightable? Why should most of the population have to toil away at a 9-to-5 job while a specific subset of entrepreneurs who go by titles like "musician" get to leech off a single afternoon's recording session for the rest of their lives?
          None of this is relevant. Why should most of the population be going to 9-to-5 job, and feed pockets of their bosses?

          Author's rights are protecting non-material work. You're free to accept the deal, and buy it. But, if you think, that it's not worth it. Then, you're free to refuse the deal, and don't buy it, don't watch it, don't listen to it.

          Comment


          • #35
            Originally posted by shmerl View Post

            That's fallacy. Using same argument, you can say, everyone should be policed and wear handcuffs just in case, because of morons criminals around. If you support this idea, you are proponent of the police state methodology. That's what DRM is trying to push on everyone. It's unacceptable.
            No, I'm not proponent of the police state methodology. This technology is an optional, it doesn't limit normal functioning of anything else. It can be used on demand, by applications which are protecting their content with it.

            I'm just a programmer. And, I know the value of time spent by creation of non-material things. I'm paid by hour, therefore it doesn't directly affect me. But, if somebody stole our software, then it would do a harm to company, which is paying their workers.

            Comment


            • #36
              Originally posted by kravemir View Post

              No, I'm not proponent of the police state methodology.
              Think about what makes policing overreaching. Some policing is OK, some is unacceptable. Where is that line? It becomes bad when it starts treating everyone as a criminal by default (presumption of guilt instead of presumption of innocence), and when it universally breaches privacy for the sake of preventing crime.

              DRM does both. It treats everyone as a criminal (presumption of guilt) and performs that policing in your private digital space (on your computer, in the OS you run, in the program you use and etc.). Compare it to placing police camera or some enforcer straight into your house, just in case you decide to do something illegal. To make the analogy closer, let's say this policeman is placed there only if you buy some book that you need (so you can claim, don't buy the book, and therefore policeman is really optional). You get the idea. Whether you buy the book or not, no one should have any business policing you in your private space. Unless they are actually targeting a criminal.

              If you support such policing however, you are accepting the methodology of oppressive regimes and police states. The premise is the same.
              Last edited by shmerl; 12-05-2017, 10:49 AM.

              Comment


              • #37
                Originally posted by shmerl View Post

                Think about what makes policing overreaching. Some policing is OK, some is unacceptable. Where is that line? It becomes bad when it starts treating everyone as a criminal by default (presumption of guilt instead of presumption of innocence), and when it universally breaches privacy for the sake of preventing crime.

                DRM does both. It treats everyone as a criminal (presumption of guilt) and performs that policing in your private digital space (on your computer, in the OS you run, in the program you use and etc.). Compare it to placing police camera or some enforcer straight into your house, just in case you decide to do something illegal. To make the analogy closer, let's say this policeman is placed there only if you buy some book that you need (so you can claim, don't buy the book, and therefore policeman is really optional). You get the idea. Whether you buy the book or not, no one should have any business policing you in your private space. Unless they are actually targeting a criminal.

                If you support such policing however, it's clearly a methodology of oppressive regimes and police states. There are no two ways about it.
                No. Criminals are treated by punishment. This is a prevention and protection. If you enter some secured area, you put off your weapons and sharp metal equipment. Does that make you a criminal? No, it's just a precaution against possible harm.

                You don't have to enter any secured area, if you don't want to. Also, you're free not to use any DRM protected software, if you don't want to.

                How does it breaches privacy? Does it leak any information from computer?

                Comment


                • #38
                  Originally posted by kravemir View Post

                  No. Criminals are treated by punishment. This is a prevention and protection.
                  I already explained to you how prevention and protection can be unethical when it's overreaching. See also: https://en.wikipedia.org/wiki/Fourth...s_Constitution

                  TL;DR: policing should be targeting criminals with probable cause, not breaching everyone's privacy to prevent potential crime.

                  Originally posted by kravemir View Post
                  You don't have to enter any secured area, if you don't want to. Also, you're free not to use any DRM protected software, if you don't want to.
                  Did you even read what I wrote above? No matter what you need or not, policing should not be done in your private [digital] space. That's already overreaching.
                  Last edited by shmerl; 12-05-2017, 10:55 AM.

                  Comment


                  • #39
                    Originally posted by shmerl View Post

                    I already explained to you how prevention and protection can be unethical when it's overreaching. See also: https://en.wikipedia.org/wiki/Fourth...s_Constitution

                    TL;DR: policing should be targeting criminals with probable cause, not breaching everyone's privacy to prevent potential crime.
                    How does it search any user? How does it breach privacy?

                    It's just a prevention against pirating stuff. It doesn't presume, that everybody is guilty. It just considers, that every user could be guilty. So, in order to prevent against pirating my stuff, I'm protecting my content with DRM.

                    If you enter the plane, nobody thinks or presumes you're a criminal. But, they do scans and checks, as a protection. But, this DRM doesn't breach any privacy, compared to scans and checks on airports.

                    Comment


                    • #40
                      Originally posted by kravemir View Post
                      How does it breach privacy?
                      By policing you in your private digital space. It runs on your private system.

                      I think you perfectly understand what I'm saying. You just don't want to admit, what endorsing such policing entitles.

                      Comment

                      Working...
                      X