Evil Copy Protection vs. Good Crypto-Capable Objects

[Bill Stewart]

Most of us agree that this technology is Nasty Copy Protection
pushed by Nasty Software Hoarders opposed to Honest Open Source,
and by Nasty Music Hoarders who want us to Pay Per View for
music, videos, e-books, and other products that we've bought,
using them technical workarounds for activities that
would normally be covered by First Sale and Fair Use
and only be covered by the limited protections of copyright,
and they richly deserve to Die Like DIVX (remember DIVX?*)
and get rejected by the market like Lotus Copy Protection.
	(*I'm told DIVX's cracked format has been recycled
	as a convenient tool for Napsterizing videos...)

Much worse, these Mindshare Marketing Thugs are in league with
the sleazy DMCA-abusers who got a law written badly enough that
it not only directly confiscates the previous rights of
information consumers but goes far beyond that to 
criminalize people who are engaged in the legitimate activity
of seeing what it is they bought and using it in interesting ways.
The technical side is bad enough, but left to itself,
either Darwin would get them or they'd find a market that's
willing to be couch-potato consumers we can sneer at,
either of which are ok, while the legal side is outright evil.

But what happens if we look at this from a cypherpunks viewpoint?
Cypherpunks write code.  Nasty MusicHoarderPunks can too.
The right way to protect information isn't to write laws,
which are ineffective against crackers (whether government or
free-lance), usually contain loopholes for cops to abuse,
and can be changed if the government wants to -
it's to write code and algorithms and hardware designs
that actually protect the information.

That's what these guys are doing, and it's what we WANT them
to do, though we'd rather have them operate a gift economy,
the way the folk music profession did before it commercialized,
and the church music and hacking professions.
	(I'm not counting the use of DMCA to criminalize
	working around bad software - that's still evil.)

How do you build tools to protect information,
at a level of granularity that someone who'd
cracked root on a Unix box or bought or cracked User on a 
Windows box can't break into?  You use crypto to encrypt data,
with public-key algorithms to do appropriate parts in public,
use objects that maintain their own data and keys,
and maybe you build capability-based operating systems,
or partition functions into separate devices like smartcards
or intelligent peripherals to keep the private parts more isolated.

If you want to build a For Your Ears Only secure telephone,
it's much easier if you can ship an encrypted data stream
that only the recipient's headphone can decrypt.
And if you want a digital signature system that
can't easily be forged by FBI spook who shoulder-surfs
your passphrase, or want a digital payment system that
can't easily be ripped off by some online store clerk,
it's easier if you can use some hardware object in the process.

To a large extent, the threat models are critical to your security -
but if being overprotected doesn't interfere with regular use,
and doesn't interfere with the other protection you're building,
it's not a Bad Thing.   Of course, it cuts two ways -
if you're not a Good Guy building hardware protection against
virus crackers, but an NSA Spook building cracking tools
to workaround for the software protections, it's nice to get
down and dirty in the hardware and hire Chip-R-Us to include
an undocumented Export Chip Private Key instruction in addition
to the Export Chip Public Key instruction...

Music Hoarders have a somewhat harder problem, in that they
want to copy-protect information while providing near-identical
copies to large numbers of people, while you're more likely
to want to provide your personal transaction information or
private messages only to a small number of recipients -
but you may still want some kind of watermarking to identify
who sold your "private" information to somebody you didn't authorize.

As long as watermarking isn't seriously obnoxious, the fact
that different listeners hear slightly different versions
isn't that bad - listeners at a concert also hear different versions
depending on whether they're in the front row, the nosebleed seats,
or the Phil Zone, as well as how hard they've been dancing,
how bouncily the people in front are dancing, whether Jerry
forgot some of the words or had a magical guitar night that reminds
them of a previous concert, and how, umm, chemically enhanced they are :-)


Somebody allegedly wrote to RAH:
>Don't forget Intel and IBM are charter members of both these scuzzy
>outfits.  And somebody please tell me what good an encrypted hard
>drive is gonna be when the key material has to pass through an untrusted
>PC running a see-through OS such as Windows?  If one is actually
>trying to save the data _from_ the PC operator not _for_ him/her, one
>needs a TCPA-like hardening.  At least Intel and IBM must realize this

Intel and IBM know that Windows isn't going to protect their data -
if they want it protected, they'll have to work around it,
using techniques like CPUs, speakers, and disk drives that
share public keys and only pass encrypted data through the OS.


				Thanks! 
					Bill
Bill Stewart, bill.stewart at pobox.com
PGP Fingerprint D454 E202 CBC8 40BF  3C85 B884 0ABE 4639