Copy protection of ordinary disk drives?
Ray Dillinger
bear at sonic.net
Fri Dec 22 08:45:09 PST 2000
On Fri, 22 Dec 2000, Brian Lane wrote:
>> http://www.theregister.co.uk/content/2/15620.html
>>
>> Stealth plan puts copy protection into every hard drive
>>
>> But because the system makes use of the physical location on the device of
>> the encrypted item, software designed for non-compliant drives will break
>> in some circumstance when encrypted data files are moved.
>>
>> "It requires both drives to be compliant when data is to move from one disk
>> to another," says Lotspiech. "And a compliant application to get all that
>> data to the new drive".
>>
>> So a hard drive containing small individual containing non-copyable files
>> of say, Gartner reports, will essentially be unrestorable using existing
>> backup programs.
>
> Maybe I'm being dense today, but I don't see how this is going to work. So
>they have a key on your drive, they encrypt the data using this key, but at
>some point the data has to be decrypted and used, which means that it can be
>intercepted.
>
> The article isn't too clear, but it appears that a 'compliant application'
>is going to be needed to do the encrypt/decrypt? All software is subject to
>disassembly, so there is no real protection there.
>
Here's one other thing; how does the "compliant application" get the
decryption keys?? If I can't copy files without being hooked up to
the net, then half my computers at home will quit working! (I have
two distinct networks: one for secure data and one with internet
access...). If the compliant application needs to hook up to the
internet in order to get a decryption key to read data, these drives
will not work for a host of legitimate non-networked applications.
On the other hand if the compliant application does NOT need to hook
up to the internet to get keys, then someone with a debugger will have
a utility to get your drive's whole list of keys (and a patched BIOS
to make it behave like a regular drive) within a couple weeks of
their introduction to the market.
Unless it comes out at the same time as "encrypted instruction set"
computing, where the executables are decrypted inside the CPU...
Bear
More information about the cypherpunks-legacy
mailing list