If a DRM system is based on X.509, according to Brand I thought you could get anonymity in the transaction. Wouldn't this accomplish the same thing?
Chuck Wegrzyn ----- Original Message ----- From: "Adam Back" <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] X-Orig-To: "bear" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Wednesday, June 26, 2002 3:37 PM Subject: Re: Ross's TCPA paper > On Wed, Jun 26, 2002 at 10:01:00AM -0700, bear wrote: > > As I see it, we can get either privacy or DRM, > > but there is no way on Earth to get both. > > [...] > > Hear, hear! First post on this long thread that got it right. > > Not sure what the rest of the usually clueful posters were thinking! > > DRM systems are the enemy of privacy. Think about it... strong DRM > requires enforcement as DRM is not strongly possible (all bit streams > can be re-encoded from one digital form (CD->MP3, DVD->DIVX), > encrypted content streams out to the monitor / speakers subjected to > scrutiny by hardware hackers to get digital content, or A->D > reconverted back to digital in high fidelity. > > So I agree with Bear, and re-iterate the prediction I make > periodically that the ultimate conclusion of the direction DRM laws > being persued by the media cartels will be to attempt to get > legislation directly attacking privacy. > > This is because strong privacy (cryptographically protected privacy) > allows people to exchange bit-strings with limited chance of being > identified. As the arms race between the media cartels and DRM > cohorts continues, file sharing will start to offer privacy as a form > of protection for end-users (eg. freenet has some privacy related > features, serveral others involve encryption already). > > Donald Eastlake wrote: > > | There is little *tehcnical* difference between your doctors records > | being passed on to assorted insurance companies, your boss, and/or > | tabloid newspapers and the latest Disney movies being passed on from a > | country where it has been released to people/theaters in a country > | where it has not been released. > > There is lots of technical difference. When was the last time you saw > your doctor use cryptlopes, watermarks etc to remind himself of his > obligations of privacy. > > The point is that with privacy there is an explicit or implied > agreement between the parties about the handling of information. The > agreement can not be technically *enforced* to any stringent degree. > > However privacy policy aware applications can help the company avoid > unintentionally breaching it's own agreed policy. Clearly if the > company is hostile they can write the information down off the screen > at absolute minimum. Information fidelity is hardly a criteria with > private information such as health care records, so watermarks, copy > protect marks and the rest of the DRM schtick are hardly likely to > help! > > Privacy applications can be successful to the in helping companies > avoid accidental privacy policy breaches. But DRM can not succeed > because they are inherently insecure. You give the data and the keys > to millions of people some large proportion of whom are hostile to the > controls the keys are supposedly restricting. Given the volume of > people, and lack of social stigma attached to wide-spread flouting of > copy protection restrictions, there are ample supply of people to > break any scheme hardware or software that has been developed so far, > and is likely to be developed or is constructible. > > I think content providors can still make lots of money where the > convenience, and /or enhanced fidelity of obtaining bought copies > means that people would rather do that than obtain content on the net. > > But I don't think DRM is significantly helping them and that they ware > wasting their money on it. All current DRM systems aren't even a > speed bump on the way to unauthorised Net re-distribution of content. > > Where the media cartels are being somewhat effective, and where we're > already starting to see evidence of the prediction I mentioned above > about DRM leading to a clash with privacy is in the area of > criminalization of reverse engineering, with Skylarov case, Ed > Felten's case etc. Already a number of interesting breaks of DRM > systems are starting to be released anonymously. As things heat up we > may start to see incentives for the users of file-sharing for > unauthorised re-distribution to also _use_ the software anonymsouly. > > Really I think copyright protections as being exploited by media > cartels need to be substantially modified to reduce or remove the > existing protections rather than further restrictions and powers > awareded to the media cartels. > > Adam > > --------------------------------------------------------------------- > The Cryptography Mailing List > Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]