[Re: Microsoft Palladium] Fwd: [DMCA-Activists] MS DRMOS Palladium -- The Trojan Horse OS
Alex Papadopoulos
alex at picturebooks.gr
Thu Jul 11 11:37:01 EEST 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
To parakatw mou hr8e prin merikes meres. Ontws oi ekselikseis einai
toulaxiston anhsyxhtikes. 8a mporousame na organwsoume kati san
syllogos gia thn enhmerwsh tou kosmou sxetika me ayta ta 8emata? Kati
san event gia tous teleiws amyhtous - ka8olou texniko - pou 8a milhsei
gia thn troph twn pragmatwn ston gennaio neo kosmo.
O kosmos *PREPEI* na ma8ei!
- -A
- ---------- Forwarded Message ----------
Subject: [DMCA-Activists] MS DRMOS Palladium -- The Trojan Horse OS
Date: Sat, 29 Jun 2002 15:25:17 -0700
From: "Jon O." <jono at networkcommand.com>
To: dmca-activists at gnu.org
http://www.anti-dmca.org/DRM-OS.html
Reviewing the Microsoft DRMOS (Palladium Patent) it became
apparent Richard Stallman's short story, The Right to Read
is indeed visionary. Below are quotes from the DRMOS patent
and Stallman's Right to Read.
You must read this story:
http://www.gnu.org/philosophy/right-to-read.html
Although it has been difficult to clearly articulate to the general
computer user, it should now be clear the DMCA represents not
only risk to fair use and other such issues, but represents
a tool by which new technologies such as the DRMOS can be enforced.
It and other new laws (SSSCA/CBDTPA) are the legal infrustructure
required to make the public use these new DRM technologies and
enforce punishment/fines when they are circumvented.
Content from MS DRMOS Patent quoted under the practice of fair use
for comment and discussion purposes.
The DRMOS Patent can be found here:
http://cryptome.org/ms-drm-os.htm
- -------------
The Content Provider (ISP) must maintain a registry of "subscriber
computers". This is the SPA and Central Licensing:
Therefore, the content provider would have to maintain a registry
of each subscriber's DRMOS identity or delegate that function to a
trusted third party. ... Because the basic DRMOS and additional
components always have the same identities when executing on a
specific type of processor, the content provider has only to maintain
a list of the identities for the combinations of the basic DRMOS and
additional components that the provider trusts. Each identity uploaded
is then checked against the list.
- ------------
Soon, changing your PC's system clock could become illegal:
This alternate embodiment requires a secure time source to be
available on the subscriber computer so the user cannot simply
turn back the system clock on the subscriber computer.
- ------------
Pay-per-use operating system and components:
As described above, components may be valid only until a specified date
and time, and content may also be licensed only until a certain date
and time. The monotonic counter described earlier can also be used to
ensure that the computer's clock cannot be set backwards to allow the
replacement of a trusted component by an earlier, now untrusted
version.
- ------------
Stallman is right again, DEBUGGING IS NOW ILLEGAL, enforced under
Section 1201 of H.R. 2281 (The DMCA):
DRMOS Patent:
An example of one kind of procedure that must be prohibited is loading
a kernel debugger because it would allow the user to make a copy of
the content loaded in memory. If the user of the subscriber computer
attempts to load a kernel debugger into memory, the DRMOS can either
1) refuse to load the debugger, or 2) renounce its trusted identity
and terminate the trusted application that was accessing the content
before loading the debugger. In the latter case, the memory must also
be purged of the content before the debugger is loaded.
See The Right to Read, Stallman:
There were ways, of course, to get around the SPA and Central
Licensing. They were themselves illegal. Dan had had a classmate in
software, Frank Martucci, who had obtained an illicit debugging tool,
and used it to skip over the copyright monitor code when reading
books. But he had told too many friends about it, and one of them
turned him in to the SPA for a reward (students deep in debt were
easily tempted into betrayal). In 2047, Frank was in prison, not for
pirate reading, but for possessing a debugger.
Dan would later learn that there was a time when anyone could have
debugging tools. There were even free debugging tools available on CD
or downloadable over the net. But ordinary users started using them to
bypass copyright monitors, and eventually a judge ruled that this had
become their principal use in actual practice. This meant they were
illegal; the debuggers' developers were sent to prison.
- -------------
You can no longer delete specific data from your hard drive:
DRMOS Patent:
For example, the DRMOS can allow the user to delete an entire content
file but not a portion of it. Another example is that the DRMOS can
allow the user to terminate all the threads of execution for a trusted
application but not just a single thread.
- -------------
Again, debuggers are not permitted:
DRMOS Patent:
Finally, a DRMOS must protect the trusted application itself from
tampering. The DRMOS must not allow other processes to attach to the
process executing the trusted application. When the trusted
application is loaded into memory, the DRMOS must prevent any other
process from reading from, or writing to, the sections of memory
allocated to the trusted application without the explicit permission
or cooperation of the trusted application.
- -------------
Users may not share data:
DRMOS Patent:
Such a facility is used when downloaded content can be accessed only by
a particular user. Moreover, if downloaded content is to be accessed
only by a particular user and by a particular application, the secret
to be stored may be divided into parts, with one part protected by an
application-specific key and the other part protected by a
user-specific key.
Applied to Stallman's Right to Read. Bear in mind these are e-books and
sharing would be a form of copyright circumvention:
He had to help her--but if he lent her his computer, she might read his
books. Aside from the fact that you could go to prison for many years
for letting someone else read your books, the very idea shocked him at
first. Like everyone, he had been taught since elementary school that
sharing books was nasty and wrong--something that only pirates would
do.
- --------------
The "Key Vault" and trusted third party (Central Authority):
DRMOS Patent:
Once the data is encrypted using the storage keys, there must be a way
to recover the keys when the DRMOS identity changes (as when the
operating system is upgraded to an incompatible version or an
unrelated operating system is installed) or the computer hardware
fails. In the exemplary embodiments described here, the keys are
stored off-site in a "key vault" provided by a trusted third party. In
one embodiment, the DRMOS contains the IP addresses of the key vault
providers and the user decides which to use. In another embodiment,
the content provider designates a specific key vault and the DRMOS
enforces the designation. In either embodiment, when the user requests
the restoration of the storage keys, the key vault provider must
perform a certain amount of validation before performing the download.
- -------------
Your computer cannot be used to copy content:
For example, one property might be that the application cannot be used
to copy content. Another example of a property is one that specifies
that the application can be used to copy content, but only in analog
form at 480P resolution. Yet another example of a property is one that
specifies that the application can be used to copy content, but only
if explicitly allowed by an accompanying license.
- -------------
Looks like the MPAA has been engaged in some Retail Politics:
In one embodiment, the access predicate takes the form of a required
properties access control list (ACL) as shown in FIG. 10. The required
properties ACL 1000 contains a basic trust level field 1001, which
specifies the minimum rights management functions that must be
provided by any application wishing to process the content. These
minimum functions can be established by a trade association, such as
the MPAA (Motion Picture Association of America), or by the DRMOS
vendor.
- -------------
More Pay-per-view OS functions:
As described briefly above, the license data structure 1100 can limit
the number of times the content can be accessed (usage counter 1101),
determine what use can be made of the content (derivation rights
1103), such as extracting still shots from a video, or building an
endless loop recording from an audio file, or a time-based expiration
counter 1105.
- -------------
Pay-per-listen feature:
The sublicense rights 1107 can impose more restrictive rights on
re-distributed content than those specified in a license for content
downloaded directly from the original content provider. For example,
the license 1100 on a song purchased directly from the music publisher
can permit a song to be freely re-played while the sublicense rights
1107 require a limit on the number of times the same song can be
re-played when redistributed.
- ------------------------
http://www.anti-dmca.org
- ------------------------
_______________________________________________
DMCA-Activists mailing list
DMCA-Activists at gnu.org
http://mail.gnu.org/mailman/listinfo/dmca-activists
- -------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iEYEARECAAYFAj0tQ0AACgkQC4sJPgbYoTr+JACeNAYZSLhs2wvw3z0tkcxtlh/k
OJQAnA+OFbx1ipmD1VbSEYZmvU2uOtqN
=xHug
-----END PGP SIGNATURE-----
More information about the Linux-greek-users
mailing list