Treacherous Computing Masterclass: London, November 7th
(Forwarded from EROS Operating System Architects list) Original Message Date: Wed, 9 Oct 2002 11:10:13 -0400 From: David Chizmadia [EMAIL PROTECTED] To: [EMAIL PROTECTED], EROS Architects [EMAIL PROTECTED],[EMAIL PROTECTED] I thought that readers of these lists might find this announcement interesting... My apologies to those who get this message multiple times. -DMC - Original Message - From: Andrew Watson [EMAIL PROTECTED] Sent: Wednesday, October 09, 2002 11:00 AM Subject: Trusted Computing Masterclass, London, 7th November Good Afternoon, Netproject is running a Trusted Computing Masterclass in London on 7th November. Details are below - the speaker line-up looks very strong, and includes the manager of the Palladium programme at Microsoft, and leading InfoSec researcher Ross Anderson. There's a £50 discount for OMG members - ask when you book. This event is run by Netproject, not OMG, so please direct all enquiries to them. Thanks, Andrew Trusted Computing Masterclass 7th November 2002, Central London Fee £395 plus VAT If you want the very best, up to date information about Trusted Computing and how it effects you and your organisation - then cancel all appointments for Thursday 7th November. The leading experts in the world are in town giving the first ever masterclass on Trusted Computing. Speakers include: John Manferdelli, General Manager of Palladium Development, Microsoft. Alan Cox, Lead Linux Kernel Developer. Ross Anderson, Cambridge Computer Labs. David Everett, Responsible for the NatWest Mondex smart card scheme. A lead developer from HP Labs. This masterclass has been put together at very short notice - we have a venue but unfortunately with restricted places so if you wish to attend it is on a 'first come, first served' basis. To find out more please click here: http://www.netproject.com/courses/TCPA.html ... or to make a booking for the event contact Julia Currell at Netproject directly by telephone, fax or by email. Julia Currell netproject 124 Middleton Road, Morden, Surrey, UK Tel: +44 (0)20 8715 0072 Fax: +44 (0)20 8715 7134 Email: [EMAIL PROTECTED] ___ eros-arch mailing list [EMAIL PROTECTED] http://www.eros-os.org/mailman/listinfo/eros-arch - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Gary Shapiro: P2P File Sharing is Legal and Moral
(This essay hits many very effective points. One of the key things that needs to be borne in mind, however, is the fact that technological proposals currently on the table are implementations of the notion, foreign to American society and jurisprudence, of creators' moral rights -- a term basically saying that creators dictate how information may be used. This essay nevertheless clearly represents a very significant step forward in the discourse. Forwarded from POLITECH. -- Seth) Original Message Date: Wed, 18 Sep 2002 22:35:19 -0700 From: Declan McCullagh [EMAIL PROTECTED] To: [EMAIL PROTECTED] Some background: http://www.ce.org/press_room/press_release_detail.asp?id=10027 http://www.ce.org/press_room/speech.doc http://news.com.com/2100-1023-958324.html?tag=cd_mh File photo: http://www.mccullagh.org/image/d30-25/gary-shapiro.html -Declan --- Speech by Gary Shapiro, President and CEO of the Consumer Electronics Association. The Campaign to Have Copyright Interests Trump Technology and Consumer Rights We are at a critical juncture in history when the inevitable growth of technology is conflicting with the rising power and strength of copyright owners. How we resolve this tension between copyright and technology will define our future ability to communicate, create and share information, education and entertainment. Today I would like to share with you my views on this situation and the questions we must confront as we wind through this confusing, but historic maze. There is no doubt that this eras rapid shift to digital and other technology is changing the rules of the game. Reproduction, transmission and storage technology all are progressing exponentially, resulting in an unprecedented power to copy, send and save all forms of media. Reproduction technology has become incredibly cheap and reliable. Transmission technology, including satellite, cable, broadcast, wired or wireless, and often connecting through the Internet, has linked everyone at ever increasing speeds and competitive pricing. Storage technologies also quickly have expanded in capacity as total storage media costs have plummeted. With each new technology, the fears of the music and motion picture industries have grown. With television and the VCR, it was going to be the end of movies. With CDs and cassettes, it was the supposed harm from real-time transfers and one-at-a-time copies. Todays technologies make these perceived threats seem naïve and harmless. With high-speed connectivity and the Internet, its not buying a CD and making a copy for a friend; its downloading from a stranger or making available thousands of copies with the touch of a keystroke. The growth of reproduction, storage and transmission technology has terrified copyright owners. The RIAA claims that 3.6 billion songs are downloaded each month. The RIAA also estimates that $4.5 billion has been lost by the music industry due to pirating. And the motion picture industry also sees the writing on the wall. Fox Group CEO and News Corp. President Peter Chernin in an August 21 keynote speech at an Aspen conference claimed that Spiderman and the latest Star Wars movie were downloaded four million times following the weekend after their release. Based on these and similar threats the content community has gone on a scorched earth campaign attacking and burning several new recording and peer-to-peer technologies. They have used the Congress, media and courts to challenge the legality of technology and morality and legality of recording. In the same Aspen speech, Chernin attacked computers as untrustworthy and the Internet as primarily used for pornography and downloading. I believe that hardware and software companies have a mutual interest in working together, so that they can sell more products. For years, consumer electronics companies have been working with both the recording and motion picture industries on developing technological measures that meet the needs of both industries. For instance, the DVD standard includes anti-copying protection. It also includes an anti-fast forward technology designed to ensure copyright warnings are shown, but instead is being used to require consumers to sit through movie previews. CE companies also have provided digital interfaces that allow consumers to share content among their own devices while restricting unauthorized redistribution to the Internet. By protecting content at the source, content providers can be assured their intellectual property rights are respected, while consumers can enjoy unimpeded personal use. However, source protection should not be used to mislead consumers to purchase CDs that can only be played on certain CD players. Indeed, despite the cooperative efforts, the copyright community has declared war on technology and is using lawsuits, legislatures and clever public relations to restrict the ability to sell and use
Glimpse of a Palladiated Future
(Forwarded from DMCA Activists list. Article text pasted below. -- Seth) Original Message Date: 15 Aug 2002 12:30:02 -0400 From: Matthew Caron [EMAIL PROTECTED] To: DMCA [EMAIL PROTECTED] http://www.guardian.co.uk/Archive/Article/0,4273,4477138,00.html In short: 1.) Guy rips CD's using Windows Media Player, and forgets to turn the Copy Protection option off. 2.) Guy copies files off machine. 3.) Guy reloads machine 4.) Guy puts files back. 5.) Files no longer play. Now, the article talks about ways to get around it, even to stop it from happening in the first pace, but: 1.) What if there is no copy protection option anymore in WMP? 2.) What if WMP is the only Palladium trusted app so another app is out of the question? 3.) Given 2, what if therefore WMP is the only way to play CD's? Sounds to me like a central licensing authority will know every time you rip a CD, and play a ripped CD. And, of course, we won't even get into the fact that forging the necessary licenses to play the music, or reverse engineering the file format to dump it to another type (if possible) is a violation of the DMCA... -- MS Windows is only cheaper than Linux if you steal it. - Matt and Liz ~~~ Matt Caron ~~ ___ DMCA-Activists mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/dmca-activists http://www.guardian.co.uk/Archive/Article/0,4273,4477138,00.html Ask Jack Send your questions and comments to [EMAIL PROTECTED] Jack Schofield Guardian Thursday August 8, 2002 Catch WMP I have been collecting music using Windows Media Player to copy from CDs. When I needed to reformat my hard drive, I copied all my files to CD-R, re-installed my operating system and copied them back, only to find my music would not play. Rowan Burgess Jack Schofield replies: Microsoft's web site says: By default, Windows Media Player [7.x] is configured to protect content that is copied from a CD to your computer from unauthorized use by using Personal Rights Management. When this feature is enabled, each track that is copied to your computer is a licensed file that cannot be played on any other computer unless you backup and restore your licenses on the other computer. Reformatting the hard drive has made your PC, in effect, a different computer. Since you did not back up and restore your licenses, there is no obvious way to play the protected files. However, Michael Aldridge, lead product manager in the Windows Digital Media Division at Microsoft in Seattle, says: There is still a way to get these licenses back and it is pretty easy using our Personal License Migration Service (PLMS), [which] was designed to address the exact situation you outline. The customer just has to be connected to the internet, then they can automatically restore their licenses just by playing the music files in question. Windows Media Player will recognise that the music had a license and will go out on the web and update their music files with new licenses. All this service does is note these files once had a license and provides a new one. No internet connection is required for playback after that. If the reader is connected to the internet and this is still not working, it is most likely because they created their music collection with an earlier version of Windows Media Player (7.0) and then upgraded on top of that collection. We did anticipate this scenario and developed a tool to help them update their licenses: the Personal License Update Utility. This must be run before they upgrade their system or transfer their music files to a new PC. If they don't use this utility they will need to re-create (re-copy) their music CDs into their music library on their PC. Find out more information about this process at www.microsoft.com/ You can also choose to turn off copy protection when you create your music collection, which can be done easily in any version of [WMP7.x or later]. When you first run Windows Media Player, it will ask if you want to keep copy protection on, and you can turn it off if you wish. If you missed that dialog box, it is still easy to turn off copy protection by going into the Tools|Options menu. Click on the Copy Music tab, and under Copy Settings, uncheck the 'Protect Content' box. In previous versions, this box was called the 'Enable Per sonal Rights Management' check box. Turning off copy protection would seem the best idea. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
MS White Paper Says Palladium not DRM
http://www.theregister.co.uk/content/4/26231.html MS white paper says Palladium open, clean, not DRM By John Lettice Posted: 17/07/2002 at 09:25 GMT A final draft of Microsoft's Palladium consultation white paper appears to have escaped, and is currently being hosted by Neowin.net. Microsoft intends to open Palladium up for discussion, but it's not as yet clear to us whether this means it will be distributing the white paper to all and sundry, or whether it envisages a more restricted distribution list. In any event we haven't been able to nail down anywhere on the Microsoft site you can get it,* or any mention of the Microsoft Content Security Business Unit, which authored it. There's much in the paper that's interesting, and it's even interesting that it's in PDF format, rather than Word - the authors are clearly having a bash at being ecumenical. Palladium, it stresses, is not an operating system, but a collection of trusted subsystems and components that are opt-in. You will not get the advantages of Palladium if you don't opt in, of course, but you don't have to. It's als some years off, but one of the objectives is to make a Windows-based device a trustworthy environment for any data. Which is a tall order. Software will have to be rewritten or specially developed to take advantage of Palladium, and software of this class is referred to as a Trusted Agent. Users will be able to separate their data into realms, which are analogous to vaults and can have varying access and security criteria. The system does not need to know who you are, indeed doesn't really want to know who you are, because it's about verifying the identity of machines. So a company could identify an employee's home machine for secure operation remotely on the corporate network. Then it gets really interesting. Palladium will not require Digital Rights Management (DRM) technology, and DRM will not require Palladium... They are separate technologies. Now, we know they don't need to be separate technologies, we know that Palladium could enhance DRM considerably, and we suspect that at least some people at Microsoft would take this route if they thought they could get away with it. But the authors here seem to have concluded that Palladium will not fly if it has a whiff of DRM about it, and are determined to distance themselves. This is good, people, if we all keep shouting 'DRM bad!' they stand a chance of not having their minds changed for them. Deeper into the Department of Bizarre Revolutions we have: A Palladium system will be open at all levels. The hardware will run any TOR (Trusted Operating Root), the TOR will run trusted agents from any publisher, will work with any trusted service provider, (the authors envisage this as a new service category) and it'll all be independently verified. TOR source code will be published, Palladium will be regularly examined by a credible security auditor and anyone can certify Palladium hardware or software, and we expect that many companies and organizations will offer this service. Of course, right now these are only words, the terms and conditions for publication, verification and auditing haven't been revealed, and Microsoft has a long and inglorious record in Untrustworthy Industry Leadership to overcome before we entirely buy the Trustworthy Computing pitch. However, as far as it goes, this little lot sounds plausible. If it were any other company, you might even be inclined to take it at face value. Keep talking, people, and prove you mean it. ® * We have, bizarrely, found an entirely unconnected Palladium white paper on an entirely different Palladium from Templar Corporation. You're probably not interested (we're not), but it's here. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Thanks, Lucky, for helping to kill gnutella
TCPA and Palladium are content control for the masses. They are an attempt to encourage the public to confuse the public interest issues of content control with the private interest issues of privacy and security. Seth Johnson -- [CC] Counter-copyright: http://cyber.law.harvard.edu/cc/cc.html I reserve no rights restricting copying, modification or distribution of this incidentally recorded communication. Original authorship should be attributed reasonably, but only so far as such an expectation might hold for usual practice in ordinary social discourse to which one holds no claim of exclusive rights. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]