MS Patent for DRM OS
Matthew Byng-Maddick
ukcrypto at lists.colondot.net
Thu, 13 Dec 2001 14:57:08 +0000

On Thu, Dec 13, 2001 at 02:47:22PM +0000, Martin Keegan wrote:
> On Thu, 13 Dec 2001, Casper Dik wrote:
> > The difference being that with MAC the administrator wants
> > the labels to be enforced; with DRM OS, the administrator is
> > not necessarily so inclined.
> It has long been a source of concern for me that MS's signed drivers
> system might one day be used to control what programmes users can run on
> their computers, and that ultimately there might be market demand for a
> system which let people not worry about viruses and trojans etc, trading
> off security for local control. A similar system could be used for DRM.

Given the current inadequacy in revocation procedures, how would this
help? I could download something that's signed, but which is malicious,
by which time it would be too late. The revocation of signatures is not
an easy problem, and without solving that, I'm not convinced that this
"ideal" that the DRM OS has can ever really be achieved.

I also note the idea that it gets the time off a "trusted" time server;
what will the "trust" be based on, and how will it cope if not networked?
Surely this doesn't imply that I have to be on a live, internet-connected
network, to run software?

The other question that comes to mind is: isn't this a bit like the holy
grail of "tamper-proof" hardware, that you could, in theory, trace the
operating system code path, on a non-DRM system, and find where it keeps
the public-key, replacing it with your own, thus allowing you to control
what "Rights Managed Software" was allowed to run? This would make it
possible for the user to circumvent every protection that the software
wanted, because they could then just sign their own...

MBM
--
Matthew Byng-Maddick <mbm@colondot.net> http://colondot.net/