-----BEGIN PGP SIGNED MESSAGE----- In <v02140b10b08a1ba0a4ac@[198.115.135.201]>, on 11/08/97 at 09:29 AM, hutchinson@ncri.com (Art Hutchinson) said:
A whole bunch of people are now talking about these cash-settled recursive auction processes, and they're a direct, and now obvious, consequence of bearer (or at least instant) settlement markets for information on geodesic networks. When you add anonymity to the transaction, you pretty much have the final straw for "rights" tracking. Watermarks just tell you who the information was stolen from, for instance. So, one more industrial information process bites the dust.
Whoa! Hang on here. Sure, watermarks will tell you who information was stolen from, but they're just a stalking horse... a weak second cousin to *persistent* content control technologies (such as IBM's Cryptolopes and Intertrust's Digiboxes). These allow rightsholders to manage a wide range of parameters (including price, usage context, and any other variable for which you can imagine having a certificate). Whats fundamentally different about what are generically referred to as secure envelopes, is that they can maintain controls *indefinitely* (persistence), across an un- known, ad hoc, web of distribution over which one otherwise has no control. And yes, this can all work even in a completely disconnected environment (laptop at 35,000 feet).
They allow rightsholders, if they so choose, to *continue* being rights- holders in a highly networked, digital world, and in a wide range of new ways, based on entirely new (or old) business models, that take advantage of rich/elaborate conditions for usage (e.g. you can view this picture anonymously, but it will cost you 2X as much, and you can only get it at low resolution, and you can't view it at all unless you can prove that you don't live in the Middle East). No certificate for these conditions? Sorry, no content.
They are based the same basic stuff (public key cryptography of course) that *can* fuel wild anarchic visions of anonymous exchange. ;)
But they aren't at all deterministic of any particular economic model.
Well how exactly does one prevent data from being stolen once it has been unlocked? I pay my 2X to view the picture anonymously and now I copy it save it and distribute it worldwide. I fail to see how any encryption/watermark scheme can prevent me from doing so.
The control technologies to which I referred earlier turn the lock/unlock idea into far more than a binary choice. This is what I meant by "persistence". The content cannot be used without its accompanying control set (which again, *might* include payment). Part of the control set I may impose on anonymous viewers could include preventing them from copying or saving the content directly in digital form.
This is counter-intuitive to those of us who are used to having cut/paste available at our fingertips in most applications, but its relatively trivial to disable these functions on a file by file basis. Alternatively, I might impose controls that permit anonymous users to see *only* lower reso- lution versions. (by analogy, if you're going to wear a ski mask into a jewelry store, you aren't likely to be shown the expensive stuff - if they let you in the door in the first place).
Can't do it. :) Once you have given me the keys to unlock and display the data I can save it, copy it, reproduce it and distribut it. To assume otherwise shows a lack of understanding of computer systems and moderen OS's. Sure I would need to write some software and jump through some hoops to do it but there is nothing that your system can do to prevent me from doing so. Now wether it is worth the effort to do so will depend on the value of the data involved. Once you have given me the ability to display the data you have lost the battle as I can do whatever I want with it. As far as the anonymous purchaces, no a big deal. Wan Sin Soo pays the full $$$ amount decrypts the data, copies it and send it too his buddies in Bangledesh. Next week there is a million copies of your data floating around the Far-East and Wan Sin Soo is nowhere to be found. The fact that he bought it non-anonymously is of little relevance.
If you were really determined, you could always take a photo of the screen, re-scan it, do some image enhancement to get rid of the graini- ness, re-save it and post it on your web page for all to see, (the so-called digital-to-analog-to-digital work-around), but this is darned inconvenient. Also, try doing that with music or movies.... while avoiding the roving automated net 'bots that will be out looking for illegal copies of content (these are already common). Not worth it. For most people.
digital-analog-digital is completly unnessasary.
If it were, we'd already have massive illegal scanning operations in third-world countries, and plenty of demand for their wares. Sure, this exists, and may even grow a bit around the fringes, but this hardly proves the case for a single vision of an anarchic Robin Hood future for all content (Sell today else I rip you off tomorrow!!)
There are. China, Russia, Eastern Europe, Far East. You have multi-million dollar operations that all they do is pirate software, movies, music, ...ect. If the can make money pirating your data then the will do so.
As a non-disclosed third party, I'm not at liberty to discuss the 'guts' of either the Crytolope or Digibox technologies (though I have seen them) Both are covered, as you might imagine, by a fairly extensive array of active and pending patents. If you want to learn more, I'd recommend contacting them directly:
I have not looked at Digibox but I have looked at Crytolope and the technology can be defeated. All these systems do is make it hard for Joe SixPack running WinBlows 2000 to make a couple of copies for his freinds. For anyone determined to pirate the data this is just a minor inconvienance just like other such schemes in the past. - -- - --------------------------------------------------------------- William H. Geiger III http://users.invweb.net/~whgiii Geiger Consulting Cooking With Warp 4.0 Author of E-Secure - PGP Front End for MR/2 Ice PGP & MR/2 the only way for secure e-mail. OS/2 PGP 2.6.3a at: http://users.invweb.net/~whgiii/pgpmr2.html - --------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: 2.6.3a Charset: cp850 Comment: Registered_User_E-Secure_v1.1b1_ES000000 iQCVAwUBNGSJEY9Co1n+aLhhAQFOtQP/WlOYl/33Qeko3eFaBAWR6ajYcFoONYQ/ +vDLDgY55x3fVwoVumB62AjtUIXM+deHAruKjDw0rgLhzRhqilOndw/0D+FT8HV3 4W0rehoSG3s3T2hqkJq1vq29X+fQJ7LqE7nWTS0wWEZjBEMkPZyIv50/rRTSK+rB /VIF1esIG3o= =/qfm -----END PGP SIGNATURE-----