"Palladium" and TCPA
Ben Laurie
ben at algroup.co.uk
Sat, 29 Jun 2002 10:50:22 +0100
David Wagner wrote:
> Graham Murray wrote:
>
>>So should DRM be an application rather than OS issue. Would it not be
>>a better idea to have some form of (strong) encryption[1] on files,
>>have no technical mechanism for restricting copying them, but have to
>>"prove" that you are authorised (to whatever level) before the
>>application will decrypt the file?
>
>
> Better for whom? Content providers would likely consider this as
> providing insufficient security for their high-value digital content
> (and reasonably so, in my mind). Keep in mind that, in your proposal,
> one rogue consumer can spread infinitely many copies of the content in
> unencrypted form. This is unlikely to be acceptable to content providers.
Not to mention that unless the OS (and hence the hardware) secures the
application, you can "prove" authorisation with a debugger.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff