* Posts by Charles 9

16605 publicly visible posts • joined 10 Jun 2009

'Password rules are bullsh*t!' Stackoverflow Jeff's rage overflows

Charles 9

Re: It only makes it easier to crack...

"We need to give up trying to make people to care about password strength for stupid stuff like online forums. They don't. They shouldn't. Stress that it only matters for really important stuff like online banking, and to stop caring if your Twitter account password is insecure unless you have hundreds of thousands of followers."

You forget that hackers can break into the weak stuff to glean information to use in social engineering attacks to get at the stronger sites. IOW, weak passwords of any sort become gateways. So you must treat the most innocuous site just as much as your most secure one since one can open the way to the other, making the strongest site only as strong as the weakest one.

Charles 9

Re: 99 ice cream loving honeybadgers ate my hamster!

"This might look like a random title for a comment on this story, but it is an example of a memorable password that I made up for a comment on the story Human memory, or the lack of it, is the biggest security bug on the 'net. Even though I only wrote it once, and that was over a month ago, I can still remember it (though admittedly it is probably too long to be a sensible password)"

Good for you. What about those with POOR memories, or who have to go through hundreds of them in a given month?

Charles 9

"Yes, anything you care about should be protected by a strong 2nd factor - but it's supposed to be precisely that a second factor. Something you know, and something you have. So the password is still very relevant."

But what if you don't HAVE a second factor: not even a cell phone, because you keep LOSING things? Or you don't trust cell phones? And as for those fobs, what was that RSA hack about again?

Force employees to take DNA tests for bosses? We've got a new law to make that happen, beam House Republicans

Charles 9

Re: I'll pay the extra.

That assumes you get a choice in the matter...

Charles 9

Re: Won't pass muster.

HIPAA is non-waivable much as ADA isn't, but this Act will create loopholes.

Charles 9

"Remind me again - the Republicans are the party that believes an individual should be free to live their life without interference from the state?"

And they're REMOVING state interference. They're doing nothing about PRIVATE interference, though.

MAC randomization: A massive failure that leaves iPhones, Android mobes open to tracking

Charles 9

Re: MAC address changes are pointless because

And is that why RTS can't lie, because at some point the AP has to know the real MAC and there's no way in the spec to prevent it asking early?

Charles 9

While even a class A network has the same 24-bit subnet limit, consider the Birthday Problem.

Charles 9

Is there a reason RTS isn't spoofed? Is there some requirement for this in wireless certification?

Sir Tim Berners-Lee refuses to be King Canute, approves DRM as Web standard

Charles 9

"I remember Adobe giving away Photoshop with breakfast cereals (almost) to ensure their market share and put down Digital Darkroom. IT doesn't seem to have done them any harm."

Are we talking the same Adobe whose key software is now subscribed instead of sold? Much like Office is now subscribed instead of sold? Sounds like what I've said: a movement from selling to leasing.

Charles 9

"The only way it could work is if the content delivery company encrypts a video feed to a secure monitor and that is not going to happen."

Have you tried looking up HDCP 2.0? The requirements for 4K BluRay players? Both require end-to-end encryption (from player to monitor), and PCs are completely locked out of this loop (exactly BECAUSE users have control of them). Plus, last I checked, trying to capture a raw 4Kx2K screen in realtime involves a pretty intense amount of bandwidth.

Charles 9

That app tended to be Flash and Silverlight, which also meant Linux tends to get locked out of the loop. You really want to go back to stuff like that?

Charles 9

"They're doing that themselves. Seriously, £13 to see a film at the cinema? Plus the £1 extra for the extra 6 inches of legroom, and the £1 extra for the "Blockbuster surcharge" if it's the opening weekend... plus the £millions it costs for popcorn, sweets, drinks etc... it's a £20 trip each time."

And yet people are willing (yeah, even eager) to pay up. The latest Wolverine film Logan is ranked #4 among R-rated movies on opening weekend (the #1 in the US as of now happens to be another Marvel film: Deadpool). Sounds to me like we have less say than we think. People are voting with their wallets, and we're losing.

Charles 9

Re: And will this DRM realise it's been run in a VM and is a chocolate teapot?

First, it's a TRANS-crypter, so the output is still encrypted.

Second, you need an HDMI 2.0-level output (which means HDCP-2.0+) to still receive 4K above film rate. Otherwise, it's downscaled (1.4 only has support for 4K at film rate). So you still have the same problem. Also, compared to 2.2, 2.0 is lossy (4:4:4 to 4:2:0). Plus they may block 1.4 down-conversion for protection reasons, only allowing 4K at 2.0 and up.

Third, have you seen the price tag?

Charles 9

Re: Any Restriction Placed on the Internet

They said the same thing about photocopying bank notes. Guess what? They found a way through watermarking and then mandating detectors into the printing (or in the video case, encoder chip) logic.

Charles 9

Re: Say bye bye to private information

"Starforce had the potential to be exploited in such a manner as to shift the balance in the control of information around the world, with Catastrophic results had it still existed in that format in today's political environment. Do we really want to hand that sort of control to our browsers?"

Trouble is, they'll insist and withhold content if they don't get their way. And remember, we're not the majority who willingly pay bookoo bucks to sit down in crowded, noisy cinemas and pay robber's fees for cheap junk food. If you're surrounded by idiots, you're basically outvoted. You lose.

Charles 9

Given the anarchy given by the IoT, a stateful Internet where anonymity is nigh-impossible will probably be the next step.

Charles 9

Re: All the whining in the world - 2

But then again, is it worth it? Is it really a jail if no one WANTS to leave? After all, the planet is pretty much a jail, too, since we can't live in space and we lack the tech or know-how to leave for the near future.

Charles 9

Re: The stupid thing is....

One, the images can be watermarked to block camming (that's how Cinavia and the like work, they can be built into the encoder chips so they can't be circumvented--the codecs are under patent and can be licensed with conditions), and two, there's still a loss of quality involved crossing the analog gap this way, especially with stuff like 4K where details are important, and there's still the need for extraordinary conditions to ensure a consistent result (one good shake and your shot is...shot). That's why cams are almost always either a last resort or the realm of the impatient.

Charles 9

Re: "NOTHING beats FREE"

"Rubbish, Charles. CONVENIENCE beats free. Fandom and the desire to support your favourite content creators ALSO beats free. All an artist has to do is build a relationship with their fans, and provide their works in an easy to use, easy to transfer manner. Of course, that won't keep the coke train running for the increasingly-irrelevant middlemen. Tough shit for them."

Not necessarily. Haters gonna hate, and life on tour isn't what it used to be. Billy Joel's first #1 hit, "Piano Man," was based on the nights he was just scraping by playing in a bar. Many can't even get beyond that point and just fade into obscurity and you never hear about them. If you say tough shit for the middlemen (who you usually NEED to really get past the tour life due to their connections), you're basically saying tough shit for live music because that's life. Sometimes, the only way to make it is to make a deal with the devil; sad but true.

Charles 9

Re: All the whining in the world...

"And what would be the result? Well, nothing really. There will still be new content created and distributed. If you knew anything about history you'd know that there weren't even copyright laws back when the greatest creative geniuses the world has seen were creating wonderful art. Mozart, Shakespeare, Haydn, and Beethoven, for example: they all created great works anyway. No DRM, not even copyright."

Yes, but then the common people didn't have access to them. They were all commissioned...by the RICH. Want to go back to those days when art was only done by commission by the rich who could afford the artists' price demands?

Charles 9

"Because phones aren't general purpose computing devices despite all claims to the contrary? Secondly they're not as secure as you might think - keys *can* be retrieved from them if they were worth the effort."

But risky. Many of those keys are housed in suicide circuits (think FIPS-compliant modules) which wipe if you try to read them directly. And the effort clearly isn't worth the reward at this point since even new smartphones with the feature built-in (not to mention things like ARM's TrustZones) would make very attractive targets yet they haven't been broken. This may have to do with the most fundamental signature checks being against ROM, making them impossible to defeat without performing a preimage attack (and if you can pull off a preimage attack, there are government agencies that would like to talk to you).

Charles 9

Re: The stupid thing is....

"And go after the major profitable pirating organisations and leave the students alone."

Most of the pirating organizations live in countries hostile to the West, making apprehending them nigh-impossible (because those states are tacitly encouraging them).

"The reality of the medium is that its copyable. Learn to live with it. Copyright is, today, completely unenforceable. That is the lesson the music business had to learn with the demise of the 'studio album' bands."

4K BluRays can't be copied. They're encrypted end-to-end, including the player and the display. Unless they can break the end-to-end encryption used on many smartphones, HDCP 2.0 should remain strong for a while (yes, even the master key has a safeguard since many movie discs are serialized and require Internet registration). The 4K rips you see now come from WebRips, not BDRips.

Charles 9

Re: The stupid thing is....

They don't care about screeners there since most of the quality will be lost. They care about screeners in cinemas since it breaks their timetables.

Charles 9

"This isn't actually strictly true, and effective DRM isn't actually possible. It's just shit to put in browsers for the sake of putting it in. If it can be built it can be broken."

Oh? How come they can't do that with smartphones, then? There are still plenty of phones for which custom OS's are impossible because they use CPUs with mandated black-boxed encryption (the key is stored in the CPU and not accessible directly) that enforces signature checking and the like?

Charles 9

"Seriously, screw the media cartels."

You REALLY want to screw the media cartels? There's only one way they'll listen. Get lots of people to stop going to cinemas.

Charles 9

Re: insanity

"What big content want is end-to-end control of the entire distribution channel. This includes them having the ability to run arbitrary code on your machines. No doubt they will also continue lobbying until they get the next piece of the puzzle: namely, being able to bring you to court if you try to circumvent these "protections" on devices that you and you alone own."

WRONG. They'll fix that by making it so you only LEASE them and make it a Hobson's Choice so you have no other option. If you REALLY want to make the movie companies pay attention, convince people to boycott cinemas and stop watching ANY movies in ANY form. Only when you can hit them in their most lucrative money stream will they notice you.

Charles 9

Re: Better than plugins

"That's an important distinction, and it costs us absolutely nothing, other than having to show a bit of backbone."

Except it's all hollow bravado. The content providers are the types who hear, "Over my dead body," and respond, "If you insist..."

IOW, sometimes you have to pick your fights. And since people still flock to cinemas, we wouldn't win that fight. The average joe wouldn't be able to tell the difference and frankly wouldn't give a rodent's donkey about whether or not it's an open standard or not. Gimme my movie is all they want, which is why Netflix is making a killing, too, IN SPITE of proprietary standards.

FBI boss: 'Memories are not absolutely private in America'

Charles 9

Re: There is a four word answer to all this.

Prohibition can work. You just have to make the penalty too steep for lawbreakers to accept the risk. Going to jail for making moonshine is one thing. What if you were shot on sight instead?

Charles 9

Re: Anyone can be compelled

Unless, of course, someone comes along who has a nuke and is not afraid to use it. When civilization runs into overwhelming force, it doesn't exactly turn out pretty, as many coups have demonstrated.

Charles 9

Re: Anyone can be compelled

And what if they decide to bugger YOU with it instead? After all, in the final analysis, the law is just ink on a page...

Charles 9

Re: Er ...

Until you're faced with a perjury charge. Remember the oath you must take before you testify: the truth, the WHOLE truth, and NOTHING BUT the truth. You lie (outright or by omission--half the truth, twice the lie as they say) at your own peril because they could have ways to back up their claims that don't necessarily involve you.

Charles 9

Re: Damned right, Comey!! Widespread encryption is Snowden's fault!!

Weren't women's tongues chopped off, among other things, in the distant past?

Charles 9

Not really. More a logical extension. Civilization is overrated given the natural human tendency.

Charles 9

Re: Trust your government?

"Come back and talk to me when you've repealed the 1st, 5th and 14th amendments. Then maybe I can introduce you to the 2nd."

They could just ignore the whole bloody thing as "ink on a page". As for the 2nd, they'll see your guns and raise you a few nukes.

Charles 9

Re: Er ...

What about the Fourth Amendment that prohibits unreasonable search and seizure?

One IP address, multiple SSL sites? Beating the great IPv4 squeeze

Charles 9

Re: End to end is a myth

Here's a VERY simple test for you. Run a VirtualBox VM on your machine, with network add-ons included. The virtual machine can reach your machine and vice versa, this IN SPITE of both machines carrying different RFC1918 IPs in different subnets (yours is usually in the 192. range, VB uses the 10. range). This means, as long as you know how to route it (and the ISP would know how since you subnet to them), they can reach you if something doesn't get in the way first, and NAT doesn't get in the way here.

Windows Server ported to Qualcomm's ARM server chip. Repeat, Windows Server ported to ARM server chip

Charles 9

Re: u-boot

"You also must worry, can you trust the compiler you are using (i.e. Ken Thompson's Reflections on Trusting Trust) Someone built the GCC version you are using, and if you use it to recompile GCC from clean source, that's no guarantee the result isn't compromised."

There are ways to deal with that, too. There's been a rebuttal to that paper that describes a way to use cross-compiling to detect a rogue compiler. But again, a rogue compiler is the least of your worries if you have to deal with compromised but patented high-performance hardware (meaning no alternative suppliers available) forced upon us by hostile sovereign state actors. At this point, it's not possible to have a completely-open high-performance system design (which you need often in servers). Too much of the low-level stuff is still protected.

Charles 9

Re: Open BIOS? - why ?

Except we're talking below that. As in what boots u-boot? That's the kind of thing I'm referring to. In the PC world, the power-on points the CPU to the BIOS or EFI which usually takes care of the initial boot. Thus why splash screens and so on. As I understand, in most ARM setups, the initial boot target works somewhat similarly, aiming for a mapped memory location: a specific region of memory usually linked to a ROM to provide the first-stage bootloader which goes from there. It's a sort of "Your Mileage May Vary" thing, but it's enough to point out that there's a different set of legacy baggage with ARM systems than with x86 systems.

Charles 9

Re: Open BIOS?

Since ARM systems come from a whole different ecosystem, one based on memory maps and fixed hardware designs, basic operations and enumerated buses are likely to be approached from a whole other angle, one that may see something completely different from a BIOS like x86 does. After all, PC-based Macs didn't have to wrestle with that kind of stuff and went straight to EFI, just to name an example.

Having said that, you can't be sure there isn't some kind of uber-root mode hidden in ANY kind of system, regardless of the architecture. Indeed, they may reside in an even lower level than that: say in the network chips.

RadioShack bankruptcy savior to file for, you guessed it, bankruptcy

Charles 9

Re: Aw. Nothing like the smell of hot solder --

Unless you happen to be OUT and you need an EXACT match.

Or you run out of solder or flux.

Or your soldering iron dies out.

Don't expect stuff of that sort at your local Walmart or Best Buy. And the nearest dedicated electrical parts store other than RS has eclectic hours and is a half-hour drive minimum. Come to think of it, I don't even know if it's still around. Been so long.

PS. And around here, guaranteed delivery costs 10 times more than the part. Better to pay the sales tax.

Charles 9

Re: Aw. Nothing like the smell of hot solder --

Unless, of course, it's the day off and you're doing a rush repair job that needs a little component and you can't wait on an overnight (because then you're back at work and the spouse will get mad). When it comes to something that absolutely MUST be done by the end of the day, you can't beat brick-and-mortar places.

Ex penetrated us almost 700 times through secret backdoor, biz alleges

Charles 9

Re: Temptation is a terrible thing...

""Anger is a wind that blows out the lamp of the mind" - Robert Ingersoll."

Ah, but wind doesn't always blow out a flame. Sometimes it stokes it instead. After all, wind is a bane to firefighters, not a boon.

Scammers hired hundreds of 'staff' to defraud TalkTalk customers

Charles 9

But according to the article, they sometimes DO use actual stolen account information.

YouTube TV will be huge. Apple must respond

Charles 9

Re: Once you have accustomed people to watch things for free...

What if it turns people off instead? I for one don't like being pushed. The best products sell themselves, after all.

Charles 9

Re: Nice advert you have there.

It still may be worth it to plenty. I know plenty of people who aren't team-loyal but simply watch what's available. I'm one of them, and what I want from sports is a close contest; it doesn't matter who's playing. As for the other channels, people may be able to live without the likes of Animal Planet, and while the unbundled Internet price goes up another $10, that's more than offset by the fact that $50/month is the bare minimum price for just local channels and a few essentials like CNN. The usual cable TV bill is closer to the $100 range as I've said, especially now that cable TV's all digital which means cable-ready TVs really aren't anymore, meaning box rentals of nearly $10/month per TV (and most households have at least two because the spouse doesn't want to be held hostage over channel choice). Then there's the additional $10/month charge if you want to record shows (more if you want more at a time), taxes, extra fees, etc. Trust me, I took a long and hard look at all those associated fees just last month because I was restructuring my subscription in a bid to save money. Jumping wasn't practical because the two other providers in my neighborhood have basically settled into a cartel with the first, and their overall rates aren't different enough. In my particular case I wouldn't want YouTube TV because I like to personally record my shows (at least by sticking I have access to an unencrypted HD stream I can run to a PVR box), but not everyone's in the same boat.

Wearables aren't dead but apps on wearables might be

Charles 9

Re: Most classes of useless products fail quietly

"For example 3d on an LG 4k OLED is the best version of the tech yet, but by the time it was available, the industry was about to give up on 3D and now it's been canned, so nobody gets to enjoy it."

But the odds are the fad would just fade anyway. It's not what people really wanted, which is lightfield 3D voxels a la The Jetsons where you didn't need glasses (problematic if you already wear them) or particular positioning (which kills lenticulars like Nintendo's 3DS) to work. Sure, there are fans, but there were plenty of detractors, too. I'm among them since watching Avatar through those polarized glasses was underwhelming and gave me a headache.

BONG! Lasers crack Big Ben frequency riddle BONG! No idea what to do with this info BONG!

Charles 9

Re: Puzzled why they went up the tower steps

"Pah! They've been bouncing lasers off reflectors on the moon since the 1970's. And IIRC measured moonquakes with them too."

But to what level of precision? I believe the precision needed with the Big Ben experiment was on the scale of sub-millimeters. Could they measure the deflection of the lunar surface during a moonquake to the micrometer?

Autonomous cars are about to do to transport what the internet did to information

Charles 9

Re: Wrong Problem

No, because you still need the same amount of road infrastructure as you would now, simply because the roads you use now are the SAME roads bulk transportation needs to get everything everyWHERE. That's the weak link with trains: they can't go the last mile. That includes to your driveway or mailbox.

Li-ion king Goodenough creates battery he says really is... good enough

Charles 9

The problem with the tech is that it's not very energy-dense. Thus why you have to use honking big containers. It's rather cumbersome for anything below distribution-level storage. It's also rather temperature-sensitive and not very useful in potentially-cold climates (below 10°C) because you suffer crystallization that cold.