You've spelt belam as belham again. Maybe you keep thinking of that lovely bit of south london. But that was balham or the band balaam and the angel.
Jem On 2/6/08 13:47, "Nick Reynolds-FM&T" <[EMAIL PROTECTED]> wrote: > LOL > > It didn't say "we want secure DRM but not TOO secure" either > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Andy > Sent: 30 May 2008 16:42 > To: [email protected] > Subject: Re: [backstage] iPlayer download client for the Mac > > Ryan Morrison wrote: >> You say "Didn't the Trust tell the BBC to produce download clients for > >> other platforms as soon as possible?" But didn't the Trust also set >> the conditions for DRM? > > It doesn't say how secure the DRM has to be. > And security wise it doesn't really need to be secure at all. After all > the Beeb are blasting the programs out of transmitters, in digital form, > at higher quality. Security is defined by "weakest link". So as long as > you make some small effort you're fine, you can't lower the security any > more than it is now because their is none. > > The BBC keeps saying "we need someone to write DRM for us", stop being > such a bunch of lazy people and do it yourself. Helpfully the BBC > pre-knows all the restrictions they want (so no need to actually encode > the rights data ;)). > > A *very* simple method: > > 1. Assign client software a key or set of keys (symmetric or asymmetric > doesn't really matter) 2. Take MP4* file prepend the files broadcast > date(s). > 3. Chose random symmetric encryption key 4. Cypher that data 5. Prepend > a copy of the symmetric key encrypted with each client encryption key 6. > Client decrypts with it's key and checks the broadcast date, if it's > over 7 days old it refuses to play. > 7. Job done, go to nearest pub (additionally actually test the software > ;)) > > C = E_c1(k),E_c2(k),...,E_cN(k),E_k(T,P) > Where C_x donates encryption under key x. > c1,c2 to cN represents client keys 1 2 and N (repeat as needed) k is the > item (or episode key) P is the item (or episode) T is the broadcast > timestamp > > Decryption is left as an exercise for the reader^. > > As long as you don't use a Stream cypher the user will need to know the > items key to tamper with the broadcast date, and if they have that key > they can decrypt anyway! > > Might want to use some more complex method for encoding rights data. > > Weakness is the client key or item key could be compromised, but all DRM > schemes have this weakness. > > It's stronger than plaintext so no less secure the Digital TV. > > Could probably code that in a few days (provided you have some kind of > cryptography library available) > > * or any other format. > ^ if you really can't work out how to do it then ask, but you really > should have at least one person capable of understanding this > > >> The point here isn't so much that someone has made a download client >> but has made a download client that allows for the download of DRM >> free iPlayer files >> - which is against the terms the BBC have agreed for the iPlayer (I >> think that's right). > > The point is the BBC could have added a very simple DRM scheme and have > done the same thing. > >> Whether you agree with that or not - it is simple fact. > > Haven't seen the rights that the BBC have agreed. But if it says > "Windows DRM Only" I would strongly suspect that the agreement may be > illegal, particularly given EU vs Microsoft's ruling about tying. Would > the BBC care to show us all this alleged document that is tying their > hands? > >> And Jem isn't trying to censor the internet - just asking that you >> talk about 'getting around the DRM on iPlayer files' somewhere that > isn't run by the BBC. > > Trying to restrict discussion of certain topics isn't censorship? What > precisely do you call it then? > > Andy > - > Sent via the backstage.bbc.co.uk discussion group. To unsubscribe, > please visit > http://backstage.bbc.co.uk/archives/2005/01/mailing_list.html. > Unofficial list archive: > http://www.mail-archive.com/[email protected]/ > > - > Sent via the backstage.bbc.co.uk discussion group. To unsubscribe, please > visit http://backstage.bbc.co.uk/archives/2005/01/mailing_list.html. > Unofficial list archive: > http://www.mail-archive.com/[email protected]/ - Sent via the backstage.bbc.co.uk discussion group. To unsubscribe, please visit http://backstage.bbc.co.uk/archives/2005/01/mailing_list.html. Unofficial list archive: http://www.mail-archive.com/[email protected]/
