Re: DOJ proposes US data-retention law.

2002-06-29 Thread Bill Stewart

At 06:38 PM 06/22/2002 -0400, Steve Fulton wrote:
> At 17:37 22/06/2002 -0400, [EMAIL PROTECTED] wrote:
>
>> Not arguing, but the hardware cost curve for storage has a shorter
>> halving time than the cost curve for CPU (Moore's Law) and the
>> corresponding halving time for bandwidth is shorter still.
>
> You've got a point.  Storage is becoming less and less expensive per
> gigabyte, especially for IDE drives.  If you're using a RAID setup, IDE
> doesn't cut it, SCSI is the way to go (for now).  SCSI is a lot cheaper
> than it used to be, but it's still over $1000 for a single 70gig drive in
> Canada.  For maximum redundancy in one rack-mount server, RAID 10 is the
> way to go.  That means for every 1 drive, there must be an exact
> duplicate.  Costs can increase exponentially.

[more examples of expensiveness deleted; fibre channel, etc.]

You're not making appropriate technology choices,
so your costs are off by a factor of 5-10.

IDE is just fine, especially in RAID configurations,
because if you're making a scalable system, you can use as many spindles
as you need, and you don't need to run fully mirrored systems - RAID5 is fine.
Almost any technology you get can run 5MB/sec, which is T3 speeds,
so that RAID5 system can keep up with an OC3 with no problem.
Disk drive prices here in the US are about $1/GB for IDE.
The problem is that's about 200 seconds of T3 time, so your 5 100GB drives
will last about a day before you take them offline for tape backup.
The real constraints become how fast you can copy to tape,
i.e. how many tape drives you need to buy, and what fraction of data you keep.
If it's 1%, you can afford it - adding $5/day = $150/month per T3 is just 
noise.
Keeping 10% of the bits - $50/day = $1500/month/T3 -
is a non-trivial fraction of your cost, so you have to go for tape.

Fibre channels are useful for cutting-edge databases on mainframes,
and have the entertaining property that they can go 10-20km,
so you've got more choices for offsite backup, but GigE is fine here.

Make sure you also keep a couple of legacy media devices so you can
give the government the records they want in FIPS-specified formats,
such as Hollerith cards and 9-track tape.



-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
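
[Editor's note: the sizing argument in the post above can be checked with a small calculator. The code below is an added example, not part of Bill Stewart's message. It assumes a link saturated around the clock (the worst case the post argues from), decimal gigabytes to match the "$1/GB" price, a 30-day month, and, for the tape-drive count, an assumed native tape streaming rate passed in by the caller; none of those numbers come from the thread except the $1/GB IDE price and the nominal T3/OC3 line rates.]

```python
# Added example (not from the original post): back-of-envelope sizing for
# full-link capture and partial retention, reproducing the thread's figures.
import math

# Nominal line rates in bits per second. The thread's "5MB/sec" for T3 is
# 44.736 Mbit/s, about 5.6 MB/s; OC3 is 155.52 Mbit/s.
LINK_BITS_PER_SEC = {
    "T3": 44_736_000,
    "OC3": 155_520_000,
    "GigE": 1_000_000_000,
}
SECONDS_PER_DAY = 86_400
GB = 1e9  # decimal gigabyte, matching "$1/GB" disk pricing


def link_bytes_per_sec(link: str) -> float:
    """Payload capacity of a link in bytes per second (framing ignored)."""
    return LINK_BITS_PER_SEC[link] / 8


def seconds_per_gb(link: str) -> float:
    """Time for a saturated link to produce one gigabyte of traffic."""
    return GB / link_bytes_per_sec(link)


def retention_plan(link: str, fraction_kept: float, days_retained: int,
                   usd_per_gb: float = 1.0, utilisation: float = 1.0) -> dict:
    """Daily storage and cost of keeping `fraction_kept` of a link's traffic.

    `utilisation` scales the assumed load (1.0 = saturated around the clock).
    `usd_per_gb` defaults to the 2002 IDE price quoted in the thread.
    """
    raw_gb_per_day = link_bytes_per_sec(link) * SECONDS_PER_DAY * utilisation / GB
    kept_gb_per_day = raw_gb_per_day * fraction_kept
    return {
        "raw_gb_per_day": raw_gb_per_day,
        "kept_gb_per_day": kept_gb_per_day,
        "usd_per_day": kept_gb_per_day * usd_per_gb,
        "usd_per_month": kept_gb_per_day * usd_per_gb * 30,  # assumed 30-day month
        "total_gb_retained": kept_gb_per_day * days_retained,
    }


def days_until_full(link: str, capacity_gb: float, fraction_kept: float = 1.0,
                    utilisation: float = 1.0) -> float:
    """How long a capture array of `capacity_gb` lasts before it must be
    spooled to tape, e.g. five 100 GB drives keeping everything on a T3."""
    plan = retention_plan(link, fraction_kept, 1, utilisation=utilisation)
    return capacity_gb / plan["kept_gb_per_day"]


def tape_drives_needed(link: str, fraction_kept: float, tape_mb_per_sec: float,
                       utilisation: float = 1.0) -> int:
    """Tape drives that must stream continuously to keep up with the kept
    data. `tape_mb_per_sec` is an assumed native drive rate (caller supplied)."""
    kept_bytes_per_sec = link_bytes_per_sec(link) * utilisation * fraction_kept
    return max(1, math.ceil(kept_bytes_per_sec / (tape_mb_per_sec * 1e6)))


if __name__ == "__main__":
    print(f"T3: {seconds_per_gb('T3'):.0f} s per GB")
    print(f"5 x 100 GB on a saturated T3 last {days_until_full('T3', 500):.2f} days")
    for frac in (0.01, 0.10):
        p = retention_plan("T3", frac, 30)
        print(f"keep {frac:.0%}: ${p['usd_per_day']:.2f}/day, "
              f"${p['usd_per_month']:.0f}/month, {p['total_gb_retained']:.0f} GB over 30 days")
    # Assumed 10 MB/s native tape rate, not a figure from the thread.
    print("tape drives (T3, keep everything, 10 MB/s drives):",
          tape_drives_needed("T3", 1.0, 10))
```

Run as a script it prints roughly 179 s per GB on a T3, about 1.03 days before five 100 GB drives fill, and about $4.83/day (about $145/month) at 1% retained versus about $48/day (about $1450/month) at 10%, which is where the post's "noise" versus "non-trivial" line falls. The tape-drive count is the constraint the post points at: at full retention the drive rate, not the disk price, decides how many drives you buy.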



Re: Ross's TCPA paper

2002-06-29 Thread Thomas Tydal

today. I want things to get better. I can't read e-books on my pocket computer, for 
example, which is sad since I actually would be able to enjoy e-books if I only could 
load them onto my small computer that follows me everywhere. Yes, of course I could 
probably bypass the protection and make the e-book readable if I really wanted to, but 
I honestly don't want to. Besides the Sklyarov case I don't feel I should need to 
crack things I have legally purchased.

Second, what about CDs? Today I can buy music on CDs and use the sound the way I 
want. I can put it in my MP3 player and I can practically do anything with it using a 
wave editor. But what about the future? Would they sell unprotected versions of any 
album so I can listen to and process music with the program of my choice?


> You will still be able to use your system in exactly the same ways that
> you use it today; you will be able to run all of the software that you
> run today.

But not with the same data.

How good is Winamp if it can't play any music recorded in 2004 or later? Given that 
Windows Media Player can play all your tunes and it takes a reboot to switch to 
Winamp, who wouldn't stick with WMP?

And remember that Microsoft encourages us to protect our own files and documents. What 
will happen to the word processors, text editors and other programs we use today when 
there is no data left for them to use since everything has been protected?


> The TCPA allows you to do something that you can't do today: run your
> system in a way which convinces the other guy that you will honor your
> promises, that you will guard his content as he requires in exchange for
> his providing it to you.  It allows you to be honest.

Only problem is: I'm not the one giving promises, it's my computer! Yes, I will make 
sure that the user only will be able to listen to this song three times. Don't you 
worry. His opinion doesn't matter. I'm in charge here.

I'm not saying there isn't a market for listening to songs a limited number of times 
for a smaller fee, I'm just worried they will take away the possibility of listening an 
unlimited number of times (or make it noticeably more expensive).


> Realize that the trusted mode of the TCPA will always be only an option,

Bottom line: not if you want to work with protected content. (Which, from what I can 
understand, will include all future songs, movies and probably word documents and 
loads of other data as well.) Or am I missing something?





Re: Ross's TCPA paper

2002-06-29 Thread bear



On Mon, 24 Jun 2002, Anonymous wrote:

> The important thing to note is this: you are no worse off than today!
> You are already in the second state today: you run untrusted, and none
> of the content companies will let you download their data.  But bootlegs
> are widely available.

The problem is that the analog hole is how we debug stuff.
When our speakers don't sound right, we tap the signal, put
it on an oscilloscope so we can see what's wrong, correct
the drivers, and try again.  When our monitor can't make sense
of the video signal, it's different equipment but the same
idea.  When you encrypt all the connections to basic display
hardware, as proposed in Palladium, it means nobody can write
drivers or debug hardware without a million-dollar license.
And if you do fix a bug so your system works better, your
system's trusted computing system will be shut down.  Not
that that's any great loss.

Likewise, encrypted instruction streams mean you don't know
what the hell your CPU is doing.  You would have no way to
audit a program and make sure it wasn't stealing stuff from
you or sending your personal information to someone else.

Do we even need to recount how many abuses have been foisted
on citizens to harvest marketing data, and exposed after-the-
fact by some little-known hero who was looking at the assembly
code and went, Hey look what it's doing here.  Why is it
accessing the passwords/browser cache/registry/whatever?

Do we want to recount how many times personal data has been
exported from customers' machines by adware that hoped not
to be noticed?  Or how popup ads get downloaded by software
that has nothing to do with what website people are actually
looking at?

I don't want to give vendors a tunnel in and out of my system
that I can't monitor.  I want to be able to shut it down and
nail it shut with a hardware switch.  I don't want to ever
run source code that people are so ashamed of that they don't
want me to be able to check and see what it does; I want to
nail that mode of my CPU off so that no software can turn it
on EVER.

I'll skip the digital movies if need be, but to me trusted
computing means that *I* can trust my computer, not that
someone else can.

Bear




Re: Ross's TCPA paper

2002-06-29 Thread Ross Anderson

Yes, this is a debate I've had with the medical privacy guys, some of
whom like the idea of using Palladium to protect medical records.

This is a subject on which I've a lot of experience (see my web page),
and I don't think that Palladium will help. Privacy abuses almost always
involve abuse of authorised access by an insider.

Recent case: 15-year old girl in Croydon, England, gets termination of
pregnancy without telling her mother. This is reported to the local 
health authority, where her uncle works; he sees the report and tells 
the family.

Palladium doesn't help here. Even if the uncle is constrained by the
Fritz chip from doing anything other than look at the screen, he still
has the information.

The fix for this problem is anonymous reporting, with the identity of
the girl known only to the treating physician. It is a policy issue, 
not a technology issue; if technology such as Palladium is introduced
it will most likely be by health authorities trying to find an excuse
to retain access to data that they shouldn't have in the first place.
(We've seen a similar effect with smartcards in healthcare, and in fact
the general phenomenon has an interesting similarity with what the
environmental economists call the `social reward trap': making `green'
goods available often increases pollution as people consume green goods
rather than consuming less.)

Ross
