On Feb 27, 10:12 pm, Al Sutton <a...@funkyandroid.com> wrote: > DRM tends to be based on Cryptography and yes, all cryptography is > breakable
NO, NO, NO, NO, NO, NO, NO! Cryptography is intended to be used for, and effective at, transmitting a message secretly between two parties (A -> B) without a third-party (E, for eavesdropper) being able to intercept it. The goal of DRM is transmit a message (in this case, the application) to the user's device, without the user being able to get access to it. Unfortunately the user owns the device and can do whatever they like with it, so B is the same person as E, and cryptography cannot solve this problem. If you encrypt the software then you simply move the problem. You can then put the encrypted software in plain sight, but you have to hide the keys and the temporarily unencrypted software on the device. You can try and make it difficult to find the keys, but major players have spent millions of dollars trying to do this and failed. It may take a substantial amount of effort and/or special equipment to break the DRM, but once it is broken the unencrypted software can be as freely distributed as anything else and the whole system is worthless. Also, the statement "all cryptography is breakable" is false. One-time pad cryptography is provably unbreakable and quantum cryptography is provably unbreakable according to known physics. More practically, RSA cryptography is effective and not proven to be breakable unless you have a quantum computer lying around or you're sitting on a proof of P=NP that you haven't gotten around to publishing yet. All DRM is breakable, and not because of the strength of any cryptography used with it. > Most DRM doesn't cause anyone any pain when the content is used in the > manner for which a license has been purchased, the "pain" tends to come > when people want to use content in ways they may not have a license for > (e.g. ripping a movie to a hard disk in a different format, moving > software between machines). Or, "Fair use" as it is referred to in some jurisdictions. > I'd happily accept measures to allow content > providers (such as developers) to protect themselves against the > minority of users who rip them off by freely handing out copies of > applications because at the level we're dealing with sales of 10 or 20 No DRM can stop a determined attacker. The Android DRM stops the un- determined one. Therefore the Android DRM is as good as any DRM can be. Stop complaining about it as if Google engineers are all amateurs and you're the world's greatest computer security expert. The AndAppStore DRM is as trivial to break as any other. It wouldn't even require an unlocked device or an ADP1 to break it. -- Jon --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~----------~----~----~----~------~----~------~--~---
