Re: A 'Funky A.T.M.' Lets You Pay for Purchases Made Online

2003-07-26 Thread Nomen Nescio
One point being overlooked here is digital versus physical anonymity.

The funky ATM (what, does it smell or something?) will allow you to
(among other things) stick in some cash and let someone else withdraw it
using a password which you have sent him out of band (according to the
patent - which I've actually read, more than anyone else here can say).
This will allow for digital anonymity in the sense that there is no
account information associated with the transaction.

Now, it's true that ATMs take pictures of people, so you don't have
full physical anonymity.  But given the limited reliability of facial
recognition systems, especially if you take simple precautions like
wearing a hat and tilting your head down, you can have de facto very
strong anonymity putting money into or taking it out of an ATM.  The mere
fact that it takes your picture doesn't mean that much.

It's also true that the amount of cash that could be practically
transferred in this way is limited to a few thousand dollars at most, given
that the machines will probably only accept and dispense twenty dollar
bills or equivalent.  Nevertheless such payments would be a good start.
The ability to pay or receive a few thousand dollars, untraceably, would
enable a number of interesting applications involving freedom of speech
and action.  Writing custom software or providing sensitive information
could be funded at these levels.

The point which has been mostly overlooked is that this article was
nothing but vapor, based on the issuance of a patent.  There's a huge
barrier between the idea and the implementation.  A cash-transfer ATM
would be a true boon to cypherpunk goals, but it is doubtful whether
such a system will be allowed to exist in today's world.



Re: Idea: The ultimate CD/DVD auditing tool

2003-07-08 Thread Nomen Nescio
Tyler Durden leaves the fight club and writes:
> Do you have a reference? I don't remember reading that SACD was encrypted.
> What I DO remember is that the reason there's no standard SACD or DVD-A
> digital interface is because the Industry wants that digital interface to be
> encrypted.

The detailed technical specs are apparently secret, but an overview
of the multi-layered SACD copy protection is at
http://www.sacd.philips.com/b2b/downloads/content_protection.pdf.  If
you don't like PDFs, most of the same information is at
http://www.disctronics.co.uk/technology/dvdaudio/dvdaud_sacd.htm.

Alan Clueless writes:

> Furthermore, people have come to expect that they should be able to play
> whatever disc shaped media in their computer.  At some point there will
> need to be a software based player.

Both of the documents above specifically deny that software based players
will be allowed.  I get the impression that the decryption will always be
done in hardware, and if a PC is ever able to play one of these gadgets,
it will be a Palladium system or something similar that can be locked
down.

Steve Shear writes:

> If you believe the article Myths and Misconceptions about Hardware
> Hacking,
> http://www.cptwg.org/Assets/Presentations/ARDG/ARDGHardware_hack05-28-03.pdf
> , recently posted to the Content Protection Technical Working Group, access
> to affordable commercial technology for reverse engineering has given
> hardware hackers the upper hand.

That's mostly about how hardware hackers can use modern chips and custom
PC boards without spending more than a few hundred dollars.  Fine,
but it's a long way from that to being able to pull an algorithm and/or
device key out of a chip which has been designed to make that difficult.



Re: Idea: The ultimate CD/DVD auditing tool

2003-07-07 Thread Nomen Nescio
Thomas Shaddup writes:
> As a welcomed side effect, not only we'd get a device for circumvention of
> just about any contemporary (and possibly a good deal of the future ones)
> optical media protections

This is only for the minimal forms of protection which are designed to
work with existing CD/DVD players.   If you look at the new audio formats
like SACD, they use encrypted data.  All your lasers won't do you any
good unless you can pry a key (and the algorithm!) out of a consumer
player, which won't be easy assuming it is in a tamper-resistant unit.
And you can bet the industry won't make the mistake again of allowing
software-based players, as they did with the DeCSS affair.

In short, you're fighting yesterday's war.  Try looking ahead a bit to
see where the battlegrounds of the future will be contested.