It doesnt matter if your DRM is good enough to stop 99.999 of users from making a copy or using a program.On the other hand, I can play thousands of others that I downloaded illegally just fine.
I will gladly pay for good music, but I would rather hang than have to deal with DRM in anything ever again. It asks me for my favorite drink ever (that was my security question). Ive tried every variation of Dr. Pepper that I can think of. No dice. I assume it contains the software components needed to build the server and client, leaving the hardware as an exercise for the reader. The OMA DRM standard is well-documented, and is (or at least has been) widely-used by the mobile phone industry. Security through secrecy of information is the only way to do crypto, signing, etc. DRM does not require obscurity of algorithms (which is why OMA DRM is a published standard, and how come the source for an implementation can be published and freely usable), but it does require that the player device have access to information (some kind of key) which the user of the device does not, and which is not part of the algorithmsource. In the DRM threat model, the owneruser of the device is the attacker, and the rights owner is being defended. Drm Removal Serial Code Full Control OverIf the devices user has full control over it, then clearly in principle this is game over. The theoretical framework of encryption makes this absurd - how can the user only have the key to decrypt some data if theyre using it for approved purposes. At this point it doesnt matter how good your encryption is, the user has everything they need to break it. However Im not sure how common TPMs are, and moreover this is very much defeating the point of open-sourcing the software in the first place, as you would be unable to modify it in any way without losing access to the DRM keys. However if one cant load any code at all, then making DRM is fairly trivial, since you dont have to hide the key very well. In practice, the approach on e.g. Symbian is that the user can load code, but such code is prevented by the kernel from accessing the DRM APIs. So its not that you cant load code at all, just that you cant load DRM-related code at all. Whether this is trivial probably depends whether youre the one who has to implement the Symbian kernel. So a little bit like a TPM in some ways, but different approach in others. Meaning some of them not broken yet because their models are kept secret. Even that does not prevent major DRM system from getting broken. I wouldnt be optimistic about the strength of an open source solution.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |