On May 29, 2009, at 8:48 AM, Peter Gutmann wrote:
Jerry Leichter leich...@lrw.com writes:
For the most part, software like this aims to keep reasonably honest
people honest. Yes, they can probably hire someone to hack around
the
licensing software. (There's generally not much motivation
James Muir wrote:
Alexander Klimov wrote:
On Tue, 26 May 2009, James Muir wrote:
There is some academic work on how to protect crypto in software from
reverse engineering. Look-up white-box cryptography.
Disclosure: the company I work for does white-box crypto.
Could
John Gilmore wrote:
...
PPS: On a consulting job one time, I helped my customer patch out the
license check for some expensive Unix circuit simulation software they
were running. They had bought a faster, newer machine and wanted to
run it there instead of on the machine they'd bought the
Their product inserts program code into
existing applications to make those applications monitor and report
their own usage and enforce the terms of their own licenses, for
example disabling themselves if the central database indicates that
their licensee's
Alexander Klimov wrote:
On Tue, 26 May 2009, James Muir wrote:
There is some academic work on how to protect crypto in software from
reverse engineering. Look-up white-box cryptography.
Disclosure: the company I work for does white-box crypto.
Could you explain what is the point of
2009/5/27 Alexander Klimov alser...@inbox.ru mailto:alser...@inbox.ru:
On Tue, 26 May 2009, James Muir wrote:
There is some academic work on how to protect crypto in software from
reverse engineering. Look-up white-box cryptography.
Disclosure: the company I work for does white-box crypto.
Jerry Leichter leich...@lrw.com writes:
For the most part, software like this aims to keep reasonably honest
people honest. Yes, they can probably hire someone to hack around the
licensing software. (There's generally not much motivation for J
Random User to break this stuff, since it
Ray Dillinger wrote:
Does anyone feel that I have said anything untrue?
Can anyone point me at good information uses I can use to help prove
the case to a bunch of skeptics who are considering throwing away
their hard-earned money on a scheme that, in light of security
experience, seems
If you've already explained to them that what they are trying to do is
both impossible and pointless, and they still want your consulting
services, take as much of their money as you can and don't feel bad
about it! Maybe you can get some more people on this list hired, too :)
/ji
On Tue, 2009-05-26 at 18:49 -0700, John Gilmore wrote:
It's a little hard to help without knowing more about the situation.
I.e. is this a software company? Hardware? Music? Movies?
Documents? E-Books?
It's a software company.
Is it trying to prevent access to something, or
the
John Gilmore wrote:
It's only the DRM fanatics whose installed bases of customers
are mentally locked-in despite the crappy user experience (like
the brainwashed hordes of Apple users, or the Microsoft victims)
who are troublesome. In such cases, the community should
I assume the Apple
On Tue, 26 May 2009, James Muir wrote:
There is some academic work on how to protect crypto in software from
reverse engineering. Look-up white-box cryptography.
Disclosure: the company I work for does white-box crypto.
Could you explain what is the point of white-box cryptography (even
if
The introduction of the acronym DRM has drawn all the hysteria it
always does.
The description you've posted much more closely matches license (or
sometimse entitlement) management software than DRM. There are many
companies active in this field. Many are small, but Microsoft sells
On Wed, May 27, 2009 at 2:01 AM, Darren J Moffat darren.mof...@sun.com wrote:
John Gilmore wrote:
It's only the DRM fanatics whose installed bases of customers
are mentally locked-in despite the crappy user experience (like
the brainwashed hordes of Apple users, or the Microsoft victims)
who
On 1243421494 seconds since the Beginning of the UNIX epoch
Marcus Brinkmann wrote:
However, it also sounds like they are shifting the
burden of proof. Shouldn't they convince you (whoever they make the DRM
for) that their system is working? Have we really reached a
This is getting a bit far afield from cryptography, but proper threat
analysis is still relevant.
On May 27, 2009, at 4:07 AM, Ray Dillinger wrote:
On Tue, 2009-05-26 at 18:49 -0700, John Gilmore wrote:
It's a little hard to help without knowing more about the situation.
I.e. is this a
On Wed, 2009-05-27 at 10:31 -0400, Roland Dowdeswell wrote:
I have noticed in my years as a security practitioner, that in my
experience non-security people seem to assume that a system is
perfectly secure until it is demonstrated that it is not with an
example of an exploit. Until an
At a dinner party recently, I found myself discussing the difficulties
of DRM (and software that is intended to implement it) with a rather
intense and inquisitive woman who was very knowledgeable about what
such software is supposed to do, but simultaneously very innocent of
the broad
It's a little hard to help without knowing more about the situation.
I.e. is this a software company? Hardware? Music? Movies?
Documents? E-Books? Is it trying to prevent access to something, or
the copying of something? What's the something? What's the threat
model? Why is the company
19 matches
Mail list logo