IP: from Intel RE: IBM&Intel push copy protection into ordinary disk drives
In reply to your message below, I have three questions: (a) Can you point to existing documentation, such as working-group notes, draft proposals, etc, which clearly state that this proposal is -not- intended for hard-drive manufacturers? Preferred sources would be URL's to web pages which were online -before- the Register's story---otherwise, the suspicion among many will be that Intel (and others) are backpedalling after extremely negative public reaction. (b) It seems peculiar that this is aimed at CF in the first place. The dominant consumer devices using CF are digital still-picture cameras, which cannot be a copyright concern to the major commercial content producers. And while it is conceivable that their concern is audio downloads into MP3-playing devices, encrypting the storage -on- the device is only meaningful if (1) CF cards are sold with prerecorded content---a dubious business proposition at best---or (2) the entire path from web through computer to CF card programming is similarly protected, which lands us squarely in the problem is accomplishing this in (so far) unsecured hardware---and again it starts looking like this is the start of a process to make the hard disks themselves secured, along with software on the machine which is protected by the anticircumvention language of the DMCA. [Or (3) special-purpose devices which do nothing but connect to a web site---how?---and load the CF with content, which is another dubious business proposition.] [Note carefully that I am -not- asking, "What have -consumers- asked for?", because it is vanishingly unlikely that so-called consumers -ever- ask for -any- form of content protection, which invariably makes their lives more difficult and asserts the implicit assumption that all paying customers are in reality thieves.] (c) Because of (a) and especially (b), it still looks like this proposal is the nose under the tent towards exactly what the Register article complained about---securing hard disks themselves. What assurances can you give that this will -never- happen? Are there citations to printed and/or online sources which explain this position? I await your clarification of these issues. Thank you for your time. Date: Tue, 26 Dec 2000 06:35:10 -0500 From: Dave Farber <[EMAIL PROTECTED]> >From: "Gelsinger, Patrick P" <[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] > >Dave - > >As a regular reader of your IP reader, I would apprecaite you diseminating a >correction to your mailing on Dec 22. > >Content protection technology misinformation generates negative web-press >coverage: > >An article on The Register website "Stealth plan puts copy protection into >every hard drive" contains false information that the 4C's (Intel, IBM, MEI, >Toshiba) Content Protection for Recordable Media (CPRM) is to be applied to >all PC hard drives. It is misinterpreting a specification for use of CPRM >with the Compact Flash media format (which supports either semiconductor >flash memory or IBM microdrives) probably because Compact Flash uses the >same command protocol interface as standard PC harddrives. The technology >is neither intended nor licensed for use with PC harddrives and is optional >even for the supported media types (flash memory and microdrives). John >Gilmore, a noted privacy and consumer advocate, has picked up the article >and further propagated the erroneous information and mentioned Intel >"IBM&Intel push copy protection into ordinary disk drives". I have alerted >public relations at Intel and are disseminating accurate information within >Intel and among our industry contacts. > > Pat. For archives see: http://www.interesting-people.org/
fyi: IP: from Intel RE: IBM&Intel push copy protection into ordinary
--- Forwarded Message Date: Tue, 26 Dec 2000 06:35:10 -0500 To: [EMAIL PROTECTED] From: Dave Farber <[EMAIL PROTECTED]> Subject: IP: from Intel RE: IBM&Intel push copy protection into ordinary disk drives >From: "Gelsinger, Patrick P" <[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] > >Dave - > >As a regular reader of your IP reader, I would apprecaite you diseminating a >correction to your mailing on Dec 22. > >Content protection technology misinformation generates negative web-press >coverage: > >An article on The Register website "Stealth plan puts copy protection into >every hard drive" contains false information that the 4C's (Intel, IBM, MEI, >Toshiba) Content Protection for Recordable Media (CPRM) is to be applied to >all PC hard drives. It is misinterpreting a specification for use of CPRM >with the Compact Flash media format (which supports either semiconductor >flash memory or IBM microdrives) probably because Compact Flash uses the >same command protocol interface as standard PC harddrives. The technology >is neither intended nor licensed for use with PC harddrives and is optional >even for the supported media types (flash memory and microdrives). John >Gilmore, a noted privacy and consumer advocate, has picked up the article >and further propagated the erroneous information and mentioned Intel >"IBM&Intel push copy protection into ordinary disk drives". I have alerted >public relations at Intel and are disseminating accurate information within >Intel and among our industry contacts. > > Pat. For archives see: http://www.interesting-people.org/ --- End of Forwarded Message
Re: copy protection
On Mon, 25 Dec 2000 01:23:41 +0100 [EMAIL PROTECTED] writes: > [...] > > > So -if-, by some happenstance, commercial vendors somehow manage to > > convince themselves and their customers that this is somehow a better > > world, and their customers fail to vote with their feet (perhaps > > Don't kid yourself. No one is that kind of stupid. If they indeed > are, then it's not worth fighting for, anyway. Looks clearly win/win > to me. Actually, the CPSA (Content Protection System Architecture) introduces a nice twist (as in `twist your arm'): `Encryption is a way of scrambling digital content so that it is unusable (not recognizable) unless it is first descrambled (decrypted). To get the necessary intellectual property to be able to decrypt the content, a license is required. That license contract specifies requirements to manage the content according to its CMI [Content Management Information].' In other words, if all DVD content is encrypted, all DVD players will have to be compliant... We may see more compliant players than we like. Jaap-Henk -- Jaap-Henk Hoepman | Come sail your ships around me Dept. of Computer Science | And burn these bridges down University of Twente | Nick Cave - "Ship Song" Email: [EMAIL PROTECTED] === WWW: www.cs.utwente.nl/~hoepman Phone: +31 53 4893795 === Secr: +31 53 4893770 === Fax: +31 53 4894590 PGP ID: 0xF52E26DD Fingerprint: 1AED DDEB C7F1 DBB3 0556 4732 4217 ABEF
Re: copy protection
On Mon, 25 Dec 2000, Jay Holovacs wrote: >I expect the approach will make the software refuse to install on >noncompliant disks. They already have extensive equipment requirements, >adding compliant disks to the list (especially when virtually all machines >are shipping with them) is trivial. I figure they'll probably lobby congress for a "copyright tax" to be levied on all noncompliant drives, creating a price differential where the copy-protected drives are cheaper. Such taxes are already in place in many countries. Bear
Re: copy protection
On Mon, 25 Dec 2000, Jay Holovacs wrote: >At 01:23 AM 12/25/2000 +0100, [EMAIL PROTECTED] wrote: >>Don't tell me I can't find a crypto-free mass storage >>vendor. > >I expect the approach will make the software refuse to install on >noncompliant disks. They already have extensive equipment requirements, >adding compliant disks to the list (especially when virtually all machines >are shipping with them) is trivial. I had to laugh when I read this, because all the software I use is opensource. I just can't see a future where open source software refuses to install on anything. But then I thought about it -- The simple fact that opensource users won't have a problem means that opensource users won't revolt. It's the commercialware users that will have a problem -- but if the transition is handled fairly smoothly (ie, the drives are out about two years before software that requires them starts appearing) they won't revolt until it's too late. One thing that the music distributors are going to have to deal with sooner or later is a simple principle of economics; merchandise with zero marginal cost tends eventually toward zero marginal profit. Bear
Re: copy protection
At 01:23 AM 12/25/2000 +0100, [EMAIL PROTECTED] wrote: >Don't tell me I can't find a crypto-free mass storage >vendor. I expect the approach will make the software refuse to install on noncompliant disks. They already have extensive equipment requirements, adding compliant disks to the list (especially when virtually all machines are shipping with them) is trivial. The only protection from this is user revolt. Hopefully it will occur. jay
Re: copy protection
Lenny Foner wrote: > But the world is -different- now. > > The DMCA exists, and its anticircumvention language will be used as > a bludgeon to sue and perhaps even lock up people who do anything to > bypass the crypto in the disk. Thus, a purely technical solution This assumes I own the disk. Why should I be so stupid as to pay for my own bondage tools, not even being kinky? As long as there are alternatives? Don't tell me I can't find a crypto-free mass storage vendor. Especially, since they have to pay *royalties* for putting it in. IBM does make fine drives, I'll be sad to buy Maxtor's. My heart is bleeding, honestly. Can't say anything about Intel, never bought their silicon. Toshiba, either. The fourth one in the quartumvirate I forgot, so it can't be all that important. Dust in the wind. > can't be deployed in any way that really helps a large number of > people---it can't be put into Linux, for example, if the CSS cases Why? Anything The Man can do about Freenet, or MojoNation? Especially, if the successors of it are indistinguishable from an SSL browser session? No one can pull the plug on the Net now, and we're faster than the countermeasures. > are won by the DVDCCA, and no commercial vendor will risk it, either. The worse for the commercial vendors. I can get my Debian off the net just fine, thanks. > Remember also that in the case of DeCSS, the original creator wasn't > even in a region that is subject to US law! At least, in theory... Right, in theory. Unenforcible laws are not worth the dead tree they're printed on. In fact, any unenforcible laws make immature me violate them as frequently as possible, just because I can, and not supposed to, and no one can do anything about it. Kinda makes one look stupid for concocting the law in the first place. > So -if-, by some happenstance, commercial vendors somehow manage to > convince themselves and their customers that this is somehow a better > world, and their customers fail to vote with their feet (perhaps Don't kid yourself. No one is that kind of stupid. If they indeed are, then it's not worth fighting for, anyway. Looks clearly win/win to me. > because they are given no choice? there aren't -that- many hard disk > vendors these days), technical workarounds will be litigation targets. The more pressing the need for open hardware, and putting the means of production on people's desks. Less than a decade to wait, I'm betting. -- __ icbmto:N 48 10'07'' E 011 33'53''http://www.lrz.de/~ui22204 ED 90 04 33 EB 74 E4 A9 53 7F CF F5 86 E7 62 9B 57 F9 CF D3
Re: copy protection
On Sun, 24 Dec 2000, Lenny Foner wrote: >The DMCA exists, and its anticircumvention language will be used as >a bludgeon to sue and perhaps even lock up people who do anything to >bypass the crypto in the disk. Which simply means: "hack all that you want, but don't get caught". Which is why we have anonymous remailers, the various projects aiming to provide eternity service and the like. Besides, you will have a hard time showing that DMCA applies at all. Unlike with DVD's, the medium and the content are not linked in any way. It is difficult to see how content owners could have anything to do with protection measures which aren't their own. Sampo Syreeni <[EMAIL PROTECTED]>, aka decoy, student/math/Helsinki university
Re: copy protection
On 24 Dec 2000, Paul Crowley wrote: >"Trivial" is overstating it, I think. I've seen dongle-based license >code designed such that if you tried modifying the code to skip the >dongle check, the program's pointer arithmetic would go screwy and it >would crash in horrible ways. That is one of many, many ways to make code difficult to crack. Few ordinary coders would believe the kind of pipe dreams some people can come up with when they really want nobody to mess with their code - for instance, actually emulating the microprocessor with a totally malformed statemachine and running the code on top of that. Or letting some asynch parallel process (like DMA) rewrite the code and rely on timing gimmicks to give the right version just as the program counter crosses the modified code (so that to debug, you would need to have a debugger which virtualizes everything perfectly - a rarity; dedicated people roll their own as they go, naturally). Anything. Compared to measures of that sort, what you're describing indeed sounds rather tame. In fact, you would not believe the kind of morality boost that sort of thing gives to a hacker, with hacker taken in the original sense of the word. I've seen people go on for 48 hours straight pounding the stuff simply because it reads like a challenge and then discard the puzzle after it's solved. There are plenty of capable coders around, and more in line should copy protection once again become a widespread nuisance. So I'm pretty much sure all software short of provably secure will end up being circumvented. The rest will be patched, with patches distributed online. Tamper proof hardware is the only solution and as everybody knows, it's not exactly fool-proof either. Sampo Syreeni <[EMAIL PROTECTED]>, aka decoy, student/math/Helsinki university
copy protection
Date: 24 Dec 2000 02:26:35 -0500 From: "Perry E. Metzger" <[EMAIL PROTECTED]> [ . . . ] Getting around the license stuff will always be trivial, however, in spite of the pipe dreams of fools. If the software can be read by the user's computer, it can be copied. If it can be copied, automated tools will be developed to permit it. Fake "cryptography", hardware "keys", hardware modifications and all the other garbage people try are at best ways to slow down duplication and to annoy legitimate users. None of it works in the end. The sick thing is, all of it has been tried before, over and over, and yet new companies constantly appear promising new holy grails for the copy protection crowd. But the world is -different- now. The DMCA exists, and its anticircumvention language will be used as a bludgeon to sue and perhaps even lock up people who do anything to bypass the crypto in the disk. Thus, a purely technical solution can't be deployed in any way that really helps a large number of people---it can't be put into Linux, for example, if the CSS cases are won by the DVDCCA, and no commercial vendor will risk it, either. Remember also that in the case of DeCSS, the original creator wasn't even in a region that is subject to US law! At least, in theory... So -if-, by some happenstance, commercial vendors somehow manage to convince themselves and their customers that this is somehow a better world, and their customers fail to vote with their feet (perhaps because they are given no choice? there aren't -that- many hard disk vendors these days), technical workarounds will be litigation targets.
Re: copy protection
At 02:26 AM 12/24/00 -0500, Perry E. Metzger wrote: >Getting around the license stuff will always be trivial, however, in >spite of the pipe dreams of fools. If the software can be read by the >user's computer, it can be copied. If it can be copied, automated >tools will be developed to permit it. > >Fake "cryptography", hardware "keys", hardware modifications and all >the other garbage people try are at best ways to slow down duplication >and to annoy legitimate users. None of it works in the end. The sick >thing is, all of it has been tried before, over and over, and yet new >companies constantly appear promising new holy grails for the copy >protection crowd. I disagree that it is pointless, although I agree that copy/run protection can always be subverted, because at some place the content is cleartext in order to be used. All locks are subvertable, but they're still useful e.g., on cars --- to deter amateur (trivial) theft and to correct mistaken identities (two identical cars near each other in a parking lot). For esoteric software @ $100,000 per seat, and users with reasonable assets, bypassable security is a practical reminder of the liability should you get caught. Of course, for say 3rd world companies who don't have that kind of cash, and aren't worried about copyright law, reverse engineering could be worth it -esp. since you're not spending a $100,000/yr engineer on reverse engineering it. And I'll argue that even if a perfectly cracked version of esoteric software (some $100K/seat _Synopsys_ tool, say) were freely circulated, it would not be used by the folks who pay for it now. _Photoshop_, yes, but that would be pop software; and graphic arts shops still license it. But for say consumer products -music, videos, pop software- the game is over. As a senior engineer at a massive Japanese entertainment company acknowledged to me, "they have logic analyzers in Hong Kong." dh
Re: copy protection
Paul Crowley <[EMAIL PROTECTED]> writes: > "Trivial" is overstating it, I think. I've seen dongle-based license > code designed such that if you tried modifying the code to skip the > dongle check, the program's pointer arithmetic would go screwy and it > would crash in horrible ways. It was a damn clever design, which I > can't say much about here except that it depended on a fairly detailed > understanding of the innards of several parts of a large and complex > program, and so making the appropriate fix would be a sizeable job for > a very skilled and patient hacker; for example, it did not depend on > branches that were only taken when the dongle was absent. > > Of course, it could be cracked, but it wouldn't have been trivial. I find that very hard to believe. At some point, you can (at worst) simulate the returns of the routine that examines the dongle. Even assuming they've done something really clever, though, once cracked, it is cracked for all time. Building a tool to get around the "clever copy protection" in an automatic way for programs using said "clever copy protection" then becomes feasible, indeed, inevitable. Almost all copy protection schemes are, in the end, snake oil. You cannot prevent people from eventually cracking around them. Manufacturers spend huge amounts of time fretting over finding ways to annoy their customers, when (IMHO) lost revenue due to piracy is not significantly reduced by copy protection. Their legitimate customers, however, are often significantly hurt by the schemes. Ah well. Another good argument for the open source model. Perry -- Perry E. Metzger[EMAIL PROTECTED] -- Quality NetBSD CDs, Support & Service. http://www.wasabisystems.com/
Re: copy protection
"Perry E. Metzger" <[EMAIL PROTECTED]> writes: > Getting around the license stuff will always be trivial, however, in > spite of the pipe dreams of fools. If the software can be read by the > user's computer, it can be copied. If it can be copied, automated > tools will be developed to permit it. "Trivial" is overstating it, I think. I've seen dongle-based license code designed such that if you tried modifying the code to skip the dongle check, the program's pointer arithmetic would go screwy and it would crash in horrible ways. It was a damn clever design, which I can't say much about here except that it depended on a fairly detailed understanding of the innards of several parts of a large and complex program, and so making the appropriate fix would be a sizeable job for a very skilled and patient hacker; for example, it did not depend on branches that were only taken when the dongle was absent. Of course, it could be cracked, but it wouldn't have been trivial. -- __ \/ o\ [EMAIL PROTECTED] /\__/ http://www.cluefactory.org.uk/paul/
Re: IBM&Intel push copy protection into ordinary disk drives
--- begin forwarded text Date: Sat, 23 Dec 2000 22:42:35 -0800 From: Somebody To: "R. A. Hettinga" <[EMAIL PROTECTED]> Subject: Re: IBM&Intel push copy protection into ordinary disk drives > --- begin forwarded text > >Subject: Re: IBM&Intel push copy protection into ordinary disk drives > >To: [EMAIL PROTECTED] > >From: [EMAIL PROTECTED] > >> This hard drive thing sounds a lot more like 4C than TCPA though. > > > >The hard drive thing is apparently 4C, but seems like it'd fit in "nicely" > >(for someone's definition of nicely) with a TCPA-based system. Don't forget Intel and IBM are charter members of both these scuzzy outfits. And somebody please tell me what good an encrypted hard drive is gonna be when the key material has to pass through an untrusted PC running a see-through OS such as Windows? If one is actually trying to save the data _from_ the PC operator not _for_ him/her, one needs a TCPA-like hardening. At least Intel and IBM must realize this. --- end forwarded text -- - R. A. Hettinga The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
copy protection
David Honig <[EMAIL PROTECTED]> writes: > Just a historical anecdote. Back in the old days, software > could be linked to the unique ID on Sun motherboards. To move > software to a new machine, you called and maybe faxed something > signed (with a pen) to the effect that you weren't ripping them off. > > This was before the software-based floating licenses became > popular. At a large firm I worked at, we wrote a kernel mod for SunOS that lied to the executables about what the system ID was. We did not steal licenses, mind you -- we did this because we would often have systems crash in the middle of the night and need to move the executables to another system, and the folks at the software company would not be in their office to give us license keys until morning. Getting around the license stuff will always be trivial, however, in spite of the pipe dreams of fools. If the software can be read by the user's computer, it can be copied. If it can be copied, automated tools will be developed to permit it. Fake "cryptography", hardware "keys", hardware modifications and all the other garbage people try are at best ways to slow down duplication and to annoy legitimate users. None of it works in the end. The sick thing is, all of it has been tried before, over and over, and yet new companies constantly appear promising new holy grails for the copy protection crowd. Perry
Re: IBM&Intel push copy protection into ordinary disk drives
[EMAIL PROTECTED] said: > If they wern't involved in TCPA before Well actually, that excerpt of Intertrust's S1 was a listing of potential competitors in their discussion of risks. > they are now- they just announced > a deal with Wave Systems, who is a founder of TCPA. > > http://biz.yahoo.com/bw/001219/ma_wave_sy.htm Hm, Yahoo sez that aritcle has expired, but there's this press release on the Wave.com site.. http://www.wave.com/news/press_archive/001219rightschip.htm > This hard drive thing sounds a lot more like 4C than TCPA though. The hard drive thing is apparently 4C, but seems like it'd fit in "nicely" (for someone's definition of nicely) with a TCPA-based system. JeffH
Re: IBM&Intel push copy protection into ordinary disk drives
On Fri, Dec 22, 2000 at 10:42:15AM -0800, [EMAIL PROTECTED] wrote: > It's also innaresting to note that there's these hints in InterTrust's S-1/A > filed way back in 1999-09-28 (note especially the second two).. > > . providers of secure digital distribution technology like AT&T, IBM, > Microsoft, Liquid Audio, Preview Systems, and Xerox; > > . providers of hardware-based content metering and copy protection systems, > including Sony, Wave Systems, and the 4C Entity, comprised of IBM, Intel, > Matsushita, and Toshiba; and > > . operating system manufacturers, including Microsoft or Sun Microsystems, > that may develop or license digital rights management solutions for > inclusion in their operating systems. > > http://www.sec.gov/Archives/edgar/data/1089717/0001012870-99-003407.txt > > I wonder whether (read: suspect) the last one is referring to the Trusted > Computing Platform Alliance (http://www.trustedpc.org/). If they wern't involved in TCPA before, they are now- they just announced a deal with Wave Systems, who is a founder of TCPA. http://biz.yahoo.com/bw/001219/ma_wave_sy.htm This hard drive thing sounds a lot more like 4C than TCPA though. -- Eric Murray Consulting Security Architect SecureDesign LLC http://www.securedesignllc.comPGP keyid:E03F65E5
Re: About Gilmore's letter on IBM&Intel push copy protection into ordinary disk drives
On Fri, 22 Dec 2000 [EMAIL PROTECTED] wrote: > I agree. I lived through the "physical" floppy disk copy-protection wars of > the early 80's (wherein such copy-protection technologies fell out of popular > usage) and am extremely skeptical about whether the market will accept this > stuff for all the reasons you cite. An interesting observation about the physical floppy protection methods of the 80s... Some vendows were quite willing to use protection methods that would eventually destroy the hardware. (One involved bouncing the heads off the back-end of the drive in an odd fashion. It would eventually destroy the alignment on the drive or the drive itself.) I worry about this sort of thing because the copy protection police have shown by their past actions that they are not concerned by any unintended consiquences of their actions. As long as it "protects" their little feifdom, they could care less about any of the other effects. (Like damaged hardware, being unable to use the product with other similar products, etc.) Very shortsighted attitude. Blinded by greed and teritorial games. [EMAIL PROTECTED] | Note to AOL users: for a quick shortcut to reply Alan Olsen| to my mail, just hit the ctrl, alt and del keys. "In the future, everything will have its 15 minutes of blame."
Re: IBM&Intel push copy protection into ordinary disk drives
It's also innaresting to note that there's these hints in InterTrust's S-1/A filed way back in 1999-09-28 (note especially the second two).. . providers of secure digital distribution technology like AT&T, IBM, Microsoft, Liquid Audio, Preview Systems, and Xerox; . providers of hardware-based content metering and copy protection systems, including Sony, Wave Systems, and the 4C Entity, comprised of IBM, Intel, Matsushita, and Toshiba; and . operating system manufacturers, including Microsoft or Sun Microsystems, that may develop or license digital rights management solutions for inclusion in their operating systems. http://www.sec.gov/Archives/edgar/data/1089717/0001012870-99-003407.txt I wonder whether (read: suspect) the last one is referring to the Trusted Computing Platform Alliance (http://www.trustedpc.org/). JeffH
Re: About Gilmore's letter on IBM&Intel push copy protection into ordinary disk drives
I agree. I lived through the "physical" floppy disk copy-protection wars of the early 80's (wherein such copy-protection technologies fell out of popular usage) and am extremely skeptical about whether the market will accept this stuff for all the reasons you cite. JeffH
Re: IBM&Intel push copy protection into ordinary disk drives
> The Register has broken a story of the latest tragedy of copyright > mania in the computer industry. Intel and IBM have invented and are > pushing a change to the standard spec for PC hard drives that would > make each one enforce "copy protection" on the data stored on the hard > drive. You wouldn't be able to copy data from your own hard drive to > another drive, or back it up, without permission I suppose the limitations of these would have to be stated when offered for sale to keep within (to quote from another web page) [n]ational (and international) consumer law, especially that of the UK and that promulgated by the EC The Trades Descriptions Act (in the UK) The general concept of "fitness for purpose" -- ## # Antonomasia [EMAIL PROTECTED] # # See http://www.notatla.demon.co.uk/# ##
Re: IBM&Intel push copy protection into ordinary disk drives
I didn't notice any relevant links in the Register article. A little pokin' with a search engine yielded.. Welcome to 4C Entity http://www.dvdcca.org/4centity/ For further (and possibly related) entertainment, see also.. Trusted Computing Platform Alliance http://www.trustedpc.org/ Reading their stuff and listening to their session talk at RSA 2000 had me wondering whether they were trying to keep user "secure" in the face of possibly tainted/malicious computers+software, or computers+software(+content) secure from (both legitimate and malicious) users. JeffH
IBM&Intel push copy protection into ordinary disk drives
The Register has broken a story of the latest tragedy of copyright
mania in the computer industry. Intel and IBM have invented and are
pushing a change to the standard spec for PC hard drives that would
make each one enforce "copy protection" on the data stored on the hard
drive. You wouldn't be able to copy data from your own hard drive to
another drive, or back it up, without permission from some third
party. Every drive would have a unique ID and unique keys, and would
encrypt the data it stores -- not to protect YOU, the drive's owner,
but to protect unnamed third parties AGAINST you.
The same guy who leads the DVD Copy Control Association is heading the
organization that licenses this new technology -- John Hoy. He's a
front-man for the movie and record companies, and a leading figure in
the California DVD lawsuit. These people are lunatics, who would
destroy the future of free expression and technological development,
so they could sit in easy chairs at the top of the smoking ruins and
light their cigars off 'em.
The folks at Intel and IBM who are letting themselves be led by the
nose are even crazier. They've piled fortunes on fortunes by building
machines that are better and better at copying and communicating
WHATEVER collections of raw bits their customers desire to copy. Now
for some completely unfathomable reason, they're actively destroying
that working business model. Instead they're building in circuitry
that gives third parties enforceable veto power over which bits their
customers can send where. (This disk drive stuff is just the tip of
the iceberg; they're doing the same thing with LCD monitors, flash
memory, digital cable interfaces, BIOSes, and the OS. Next week we'll
probably hear of some new industry-wide copy protection spec, perhaps
for network interface cards or DRAMs.) I don't know whether the movie
moguls are holding compromising photos of Intel and IBM executives
over their heads, or whether they have simply lost their minds. The
only way they can succeed in imposing this on the buyers in the
computer market is if those buyers have no honest vendors to turn to.
Or if those buyers honestly don't know what they are being sold.
So spread the word. No copy protection should exist ANYWHERE in
generic computer hardware! It's up to the BUYER to determine what to
use their product for. It's not up to the vendors of generic
hardware, and certainly not up to a record company that's shadily
influencing those vendors in back-room meetings. Demand a policy
declaration from your vendor that they will build only open hardware,
not covertly controlled hardware. Use your purchasing dollars to
enforce that policy.
Our business should go to the honest vendors, who'll sell you a drive
and an OS and a motherboard and a CPU and a monitor that YOU, the
buyer, can determine what is a valid use of. Don't send your money
to Intel or IBM or Sony. Give your money to the vendors who'll sell
you a product that YOU control.
John
http://www.theregister.co.uk/content/2/15620.html
Stealth plan puts copy protection into every hard drive
Hastening a rapid demise for the free copying of digital media, the next
generation of hard disks is likely to come with copyright protection
countermeasures built in.
Technical committees of NCTIS, the ANSI-blessed standards body, have been
discussing the incorporation of content protection currently used for
removable media into industry-standard ATA drives, using proprietary
technology originating from the 4C Entity. They're the people who brought
you CSS2: IBM, Toshiba Intel and Matsushita.
The scheme envisaged brands each drive with a unique identifier at
manufacturing time.
The proposals are already at an advanced stage: three drafts have already
been discussed for incorporating CPRM (Content Protection for Recordable
Media) into the ATA specification by the NCTIS T.13 committee. The
committee next meets in February. If, as expected, the CPRM extensions
become part of the ATA specification, copyright protection will be in every
industry-standard hard disk by next summer, according to IBM.
However, what's likely to create a firestorm of industry protest is that
the proposed mechanism introduces problems to moving data between compliant
and non-compliant hard drives. Modifications to existing backup programs,
imaging software, RAID arrays and logical volume managers will be required
to cope with the new drives, The Register has discovered.
The ramifications are enormous. Although the benefit to producers is great
- - bringing the holy grail of secure content one step closer - the costs to
consumers will be significant. For example, corporate IT departments will
be unable to mix compliant and non-compliant ATA drives as they try to
enforce uniform back up policies, we've discovered. Restoring perso
Re: Copy protection proposed for digital displays
At 03:56 PM 2/23/00 -0600, Rick Smith wrote: >Now, on the other hand, they could do smartcard sorts of things like the >satellite TV folks. That ups the ante, since you have to build in a >smartcard reader and do smartcard-based key management. I'll bet that none >of those costs are in their business model yet. *Ding* The "open" set top boxes will have an FCC-required, *separable* access control device (aka POD or glorified sim/smartcard) which can be controlled by the head-end (ie, the cable co). The head-end can en/disable various services by talking to a POD, which does *PK ops* and both decrypts the stuff coming over the cable (if you've paid) and then re-encrypts content inside your box (if its copy protected). The box will have a unique ID, too, just like your ethernet card. The FCC-requirement that the POD be physically detachable will probably be found to be an attack point, but the Fed requires it. Fair-use excerpts :-) from the opencable.org site's public docs: 1. Introduction This copy protection specification defines the means to protect high value content on the interface between the Point of Deployment (POD) Removable Security Module and the OpenCable Host device (Host). ... Content, which is delivered with copying permitted, e.g., free access off-air broadcast content, is not copy protected and the means described in this specification do not apply to it. Such content may be encrypted from headend to POD but will be delivered in the clear on the POD Host Interface. Conversly only copying permitted content will be delivered in the clear (unencrypted) from headend to POD and so will be output in the clear from the POD to Host with CCI=00. The objective of copy protection is to secure protected content against unauthorized 1 access throughout the entire delivery chain from source to display. Program providers have deployed means to secure content from source to the cable headend and cable systems have similarly deployed secure systems from headend to home. Cable set-tops use copy protection technology to protect content on the analog and digital outputs to consumer displays. With the introduction of the POD Module, cable security will terminate in the POD. A means is needed to prevent unauthorized access on the POD«Host interface. This document specifies such a means. Basically, the POD Module shall decrypt services under control of the headend and shall re-encrypt content for the purpose of copy protection across the interface between the POD Module and Host device.2 b) The POD«Host interface is protected using: i) Integer field, 1024 bit Diffie-Hellman key exchange with DFAST intellectual property incorporated into the key exchange process.3 ii) Encryption of protected MPEG data across the interface, using DES encryption. iii) Authentication of Copy Control Information (CCI) during transmission from POD to Host. The POD will receive the CCI through an authenticated CA System message, and transfer it to the Host using a specified authentication protocol. c) Copy Protection on Host device outputs. The digital Host device will support Macrovision copy protection on standard-definition analog outputs 4 and will use 5C DTLA copy protection on digital 1394 outputs (per SCTE Standard DVS-194) when these outputs are present. Digital Host devices with other outputs will be granted a license to implement OpenCable POD Module Interface Technology only if they can satisfactorily protect copy protected material. d) [Informative 5 ] Revocation of selected services. The cable operators Conditional Access System (CAS) will maintain a list of validated Host devices. When a Host is determined to be fraudulent the CAS will selectively deny the appropriate encrypted services to the POD/Host. The denial of service may apply to all protected content or to specific content as determined by the CAS. For example, if properly enabled, the CAS may perform the following: i) Cut off service to a single channel, such as HBO. This could be done through an EMM, which would selectively deny service based on a Content Providers concerns about copy protection. ii) Cut off service on a program-by-program basis. This might be done through an ECM, which would prevent descrambling based on a flag. It addresses the Content Providers concern about a particular program being sent to a fraudulent or non-validated Host. iii) When a Host cannot be validated, e.g., it is lacking a valid certificate, the CA System will deny all copy protected services to the POD/Host. e) [Informative] Service restoration. The CAS will have the ability to deliver either a targeted or a broadcast message that authorizes the restoration of services to a POD that is mated to a Host previously identified as fraudulent but then cleared of revalidated.
Re: Copy protection proposed for digital displays
Hmmm, I didn't see any: "Xing, you'd better do a pretty good job of securing your keys, as if your systems are compromised you'll wear the financial consequences." What I saw was keys compromised, sue the folks that tell anyone about it Ian Farquhar wrote: > Look at it this way: > > "Sony, you'd better do a pretty good job of securing your keys, as if > your systems are compromised you'll wear the financial consequences." > > There is already precident for Sony (and many others) signing up to > a very similar scheme: DVD's CSS. [EMAIL PROTECTED] Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
Re: Copy protection proposed for digital displays
In message <[EMAIL PROTECTED]>, Ian Farquhar writes: > > 5. Sony spends millions on recalls, PR damage control, etc. > > Look at it this way: > > "Sony, you'd better do a pretty good job of securing your keys, as if > your systems are compromised you'll wear the financial consequences." It's worth mentioning that many current business models seem to favor subscription-based services, rather than simple static content or hardware. Consider Tivo's VCR replacement, which requires a phone connection to update its viewing guide, etc. -- a feature you pay ~$10/month for. Or look at the late, (unlamented?) DIVX variant on DVD. The cost of hardware is going asymptotically to zero, and ordinary content is relatively easy to copy. Everyone knows that -- and smart companies are trying to make their money some other way. --Steve Bellovin
Re: Copy protection proposed for digital displays
> 5. Sony spends millions on recalls, PR damage control, etc. Look at it this way: "Sony, you'd better do a pretty good job of securing your keys, as if your systems are compromised you'll wear the financial consequences." There is already precident for Sony (and many others) signing up to a very similar scheme: DVD's CSS. It was only the fact that the crypto was so utterly broken that allowed recovery of all disc keys, and thus the threat of key revocation was rendered moot. That's the only reason it didn't happen. One also has to remember that the specific case of Sony is atypical, in that it is both a hardware vendor and a content provider. Perhaps looking at an example like Philips, Panasonic or Toshiba would be more instructive, as they've not got significant investment in content provision that I am aware of. -- Ian Farquhar Senior Systems Engineer Sun Microsystems Australia Pty Ltd Level 5, 33 Berry St North Sydney, NSW, 2060 Australia Email: [EMAIL PROTECTED] Phone: +61 2 9466 9465 Mobile: +61 409 601 028
Re: Copy protection proposed for digital displays
At 05:43 PM 02/21/2000 -0800, Eugene Leitl wrote: >HDCP uses a 56-bit key, with individual keys distributed to the >various vendors. A violated key could be tracked down and revoked over >a satellite broadcast network, for example. This design does not consider potential end user reactions. Consider the following: 1. I buy an expensive Sony display. 2. Some evil hacker reverse engineers the Sony key and publishes it. 3. The "satellite broadcast network" revokes Sony's key. 4. My expensive display stops working. 5. Sony spends millions on recalls, PR damage control, etc. In other words, nobody is going to revoke keys since that would revoke legitimate access by law-abiding couch potatoes and other customers. The networks and studios make billions of dollars by making minimal demands of billions of people in exchange for undemanding entertainment. This strategy puts the burden on those end users who essentially finance the system already. Sounds like a losing concept to me, but I'm not surprised someone has proposed it. Now, on the other hand, they could do smartcard sorts of things like the satellite TV folks. That ups the ante, since you have to build in a smartcard reader and do smartcard-based key management. I'll bet that none of those costs are in their business model yet. Rick. [EMAIL PROTECTED]
Re: Copy protection proposed for digital displays
At 05:46 PM 2/23/00 +1100, Ian Farquhar wrote: >Of course, there are also ways manufacturers could try to counter >this. Constructing tamper-resistant cases for monitors is one >way. Indeed, I'll suggest to everyone here that tamper >resistant enclosures (everything from "mousetraps" to FIPS-140 >style boxes) are going to become much more common in consumer >electronics. When the decryption unit is in the same package as the video DACs, the game will be much much harder. Its not been done yet, but it will. >Ultimately, this will come down to being a tradeoff between >investment and return. Who's Intel targeting? I'd suggest Well, directly they're targeting folks like http://www.opencable.com/public_docs.html who are the actual purchasers of chips in mass quantities. >they're targeting casual copiers and underfunded bootleg >operators. Against them, this may be viable. Against even a >moderately well funded piracy operation, forget it. "They have logic analyzers in hong kong"
Re: Copy protection proposed for digital displays
-BEGIN PGP SIGNED MESSAGE- At 05:59 PM 2/22/00 +1100, Ian Farquhar wrote: [much deleted, discussing a new Intel gadget for preventing pirating of video streams] >I am also forced to note that this won't stop physical >duplication, eg. by photographing the screen. Anyone >familiar with real-world piracy will know that many (if not >most) bootleg video tapes and Video-CD's of recently >released movies are produced by video taping a screen. This >won't affect that, and the market for those piracies seems >insensitive to the quality loss. I am curious: Are there better techniques for getting high-quality images out, rather than just videotaping a screen? If I am given a sealed box with a CRT, is there some technique I can do to get a better copy of what's being sent to the screen? It seems like it should be possible to read small parts of the screen very closely, perhaps detecting the power of the electron beam that's painting the image on each position and color. It's reaonable to do this over only a small area of the screen at a time. Imagine an 8'' x 10'' screen displaying a rented movie or other ``copy-proof'' video stream. That's 80 square inches, so if we could only scan in one square inch at a time, we'd just have to play the movie 80 times. We might take multiple samples from each square inch and do some kind of averaging to smooth out quantization errors, noise in the system, etc. I think all copy-protection runs into a wall when it gets to human-perceptible output, at least in dealing with determined pirates. Though the Intel scheme probably does a good job of preventing cheap, casual copying of video streams, which is presumably their purpose for doing the design in the first place. > Ian. >Disclaimer: personal opinion only. (Me, too.) - --John Kelsey, kelsey (at) counterpane (dot) com PGP: 5D91 6F57 2646 83F9 6D7F 9C87 886D 88AF -BEGIN PGP SIGNATURE- Version: PGPfreeware 6.5.1 Int. for non-commercial use <http://www.pgpinternational.com> Comment: foo iQCVAwUBOLMPukHx57Ag8goBAQFz4gP/f5N/y9BoKbho2biUz77IpfsIXrvxZF2e xMeuZ9H5Hv79JTdgcHJUUqwNMfW2dreX5v2WWI7a8+F8hwauYNBliNCp08wjL/uO YyqeNf3oopGvwTQVEj76MbiiddMooa5lPMvjs4BwQ6kfrW3cP/xT0RIfnA9tVYVm 54P09pr6Gko= =c80/ -END PGP SIGNATURE-
Re: Copy protection proposed for digital displays
> I am curious: Are there better techniques for getting > high-quality images out, rather than just videotaping a > screen? If I am given a sealed box with a CRT, is there > some technique I can do to get a better copy of what's being > sent to the screen? It seems like it should be possible to > read small parts of the screen very closely, perhaps > detecting the power of the electron beam that's painting the > image on each position and color. It's reaonable to do this > over only a small area of the screen at a time. Imagine an > 8'' x 10'' screen displaying a rented movie or other > ``copy-proof'' video stream. That's 80 square inches, so if > we could only scan in one square inch at a time, we'd just > have to play the movie 80 times. We might take multiple > samples from each square inch and do some kind of averaging > to smooth out quantization errors, noise in the system, etc. There are easier vectors of attack than that. One idea which springs to mind would be to hook into the row and column addressing on the LCD panel itself, or (more likely) in the output stages of the LCD driver hardware. If it's a normal CRT monitor then pulling the signals out is even easier. Everything I've seen on this proposal - which isn't that much I will admit - tends to imply that the encryption is basically done in the digital link between the source and screen. It's hard to see how anything more than trivial encryption could be done between the drivers and the actual display. If you were able to pull that data, it is feasable that you could reconstruct a recordable image. Of course, there are also ways manufacturers could try to counter this. Constructing tamper-resistant cases for monitors is one way. Indeed, I'll suggest to everyone here that tamper resistant enclosures (everything from "mousetraps" to FIPS-140 style boxes) are going to become much more common in consumer electronics. One aside I will make is that tamper resistant enclosures aren't only useful for this purpose. As many people will be aware, many manufacturers of consumer goods would dearly like consumers to only have their equipment serviced at "registered" centres. In many, if not most legal juristictions, such limitations on trade are illegal, so companies are forced to use scare tactics to convince consumers of the "dangers" of third party servicing. Implementing tamper resistance to limit consumer choice would be legally dubious, but if you implemented it because of an IP protection requirement (as mandated in an industry "standard"), then it would be much harder to prosecute. The manufacturer could say "sorry, your honor, but to implement standard ABCX20YX, I am forced by the licensing standards body forced us to use a tamperproof enclosure. The effect on the servicing arrangements are unfortunate, but it's out of my control. I am sorry, but the licensing organisation is based in , you'll have to take the matter up with them (good luck, sucker!)". Needless to say, I am not for a moment suggesting such a conspiracy theory. Not for a moment :) Ahem. Nor would I ever suggest a correlation between the latest DeCSS fiasco and "puppet legal juristictions". No, not at all. Ahem Ultimately, this will come down to being a tradeoff between investment and return. Who's Intel targeting? I'd suggest they're targeting casual copiers and underfunded bootleg operators. Against them, this may be viable. Against even a moderately well funded piracy operation, forget it. I am reminded of an anecdote told to me by a friend in the arcade game industry. He said that their main enemies were little backyard operations in Asia, who could clone an arcade game (not a trivial piece of computing hardware) in weeks. I asked him if implementing functions in ASICs would help, and he told me that they'd recovered bootleg games where the copiers had actually designed a daughterboard to implement the ASIC! That is a significant engineering investment, I suggested. He agreed, but said that once they sell more than 500 units worldwide, the bootleggers would start to produce copies. Apparently there was a significant amount of black market money, and underutilised reverse engineering talent involved. Nintendo's "CIC" chips would be another case in point. Both inband and out of band attacks were quickly found against the original version of them. > I think all copy-protection runs into a wall when it gets to > human-perceptible output, at least in dealing with > determined pirates. Though the Intel scheme probably does a > good job of preventing cheap, casual copying of video > streams, which is presumably their purpose for doing the > design in the first place. No, not all. The
Re: Copy protection proposed for digital displays
This is going to be fascinating. It has CSS written all over it. I wonder if they'll learn the lesson of CSS and do decent crypto, rather than resist the temptation to do yet another half-baked LFSR? If they release the cipher, I certainly look forward to reviewing the design. I am also forced to note that this won't stop physical duplication, eg. by photographing the screen. Anyone familiar with real-world piracy will know that many (if not most) bootleg video tapes and Video-CD's of recently released movies are produced by video taping a screen. This won't affect that, and the market for those piracies seems insensitive to the quality loss. Ian. Disclaimer: personal opinion only. > From: Eugene Leitl <[EMAIL PROTECTED]> > MIME-Version: 1.0 > Content-Transfer-Encoding: 7bit > Date: Mon, 21 Feb 2000 17:43:14 -0800 (PST) > To: <[EMAIL PROTECTED]> > Subject: Copy protection proposed for digital displays > > > http://www.eetimes.com/story/OEG2217S0039 > > Copy protection proposed for digital displays > > By David Lammers > EE Times > (02/17/00, 7:02 p.m. EST) > > PALM SPRINGS, Calif.-At the Intel Developer Forum here, Intel > Corp. unveiled a copy protection scheme that will add a layer of > encryption between the system and the digital display. > > The High-bandwidth Digital Copy Protection (HDCP) approach encrypts > each pixel as it moves from a personal computer or set-top box to > digital displays, such as digital flat panels and high-definition > televisions. > > HDCP is an Intel-developed specification that will complement the work > developed with the Digital Display Working Group (DDWG), said Mark > Waring, an Intel technology initiatives manager who is the DDWG > secretary. > > While the Digital Transmission Content Protection approach provides > encryption for digital content as it moves over a 1394 interface, the > HDCP is complementary. > > "HDCP encrypts the final link, from the device to the display, that > has been the missing link" in the various copy protection schemes > developed thus far, said Waring, who earlier worked as a display > engineer at Sharp Corp. > > Intel will release a draft version of the license agreement by Monday, > Feb. 21, at the Digital Content Protection web site. Also, individuals > can go to the site to request a copy of the specification. > > At IDF's product demo pavilion, Silicon Image, Inc. (Sunnyvale, > Calif.) demonstrated what it said was the first implementation of > HDCP on its digital video interface (DVI) silicon. Transmitter and > receiver silicon performed the HDCP authentication, encryption, and > decryption functions, while supporting the DVI digital transmission > rate of 5 G-bits/sec between the host and display. > > HDCP uses a 56-bit key, with individual keys distributed to the > various vendors. A violated key could be tracked down and revoked over > a satellite broadcast network, for example. Waring said he expects the > major silicon vendors to have HDCP-compliant silicon ready by the > July-August time frame. > -- Ian Farquhar Senior Systems Engineer Sun Microsystems Australia Pty Ltd Level 5, 33 Berry St North Sydney, NSW, 2060 Australia Email: [EMAIL PROTECTED] Phone: +61 2 9466 9465 Mobile: +61 409 601 028
Copy protection proposed for digital displays
http://www.eetimes.com/story/OEG2217S0039 Copy protection proposed for digital displays By David Lammers EE Times (02/17/00, 7:02 p.m. EST) PALM SPRINGS, Calif.-At the Intel Developer Forum here, Intel Corp. unveiled a copy protection scheme that will add a layer of encryption between the system and the digital display. The High-bandwidth Digital Copy Protection (HDCP) approach encrypts each pixel as it moves from a personal computer or set-top box to digital displays, such as digital flat panels and high-definition televisions. HDCP is an Intel-developed specification that will complement the work developed with the Digital Display Working Group (DDWG), said Mark Waring, an Intel technology initiatives manager who is the DDWG secretary. While the Digital Transmission Content Protection approach provides encryption for digital content as it moves over a 1394 interface, the HDCP is complementary. "HDCP encrypts the final link, from the device to the display, that has been the missing link" in the various copy protection schemes developed thus far, said Waring, who earlier worked as a display engineer at Sharp Corp. Intel will release a draft version of the license agreement by Monday, Feb. 21, at the Digital Content Protection web site. Also, individuals can go to the site to request a copy of the specification. At IDF's product demo pavilion, Silicon Image, Inc. (Sunnyvale, Calif.) demonstrated what it said was the first implementation of HDCP on its digital video interface (DVI) silicon. Transmitter and receiver silicon performed the HDCP authentication, encryption, and decryption functions, while supporting the DVI digital transmission rate of 5 G-bits/sec between the host and display. HDCP uses a 56-bit key, with individual keys distributed to the various vendors. A violated key could be tracked down and revoked over a satellite broadcast network, for example. Waring said he expects the major silicon vendors to have HDCP-compliant silicon ready by the July-August time frame.
