Sorry - but should you be doing this via the backstage list -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jem Stone Sent: 02 June 2008 14:07 To: backstage@lists.bbc.co.uk Subject: Re: [backstage] iPlayer download client for the Mac
You've spelt belam as belham again. Maybe you keep thinking of that lovely bit of south london. But that was balham or the band balaam and the angel. Jem On 2/6/08 13:47, "Nick Reynolds-FM&T" <[EMAIL PROTECTED]> wrote: > LOL > > It didn't say "we want secure DRM but not TOO secure" either > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Andy > Sent: 30 May 2008 16:42 > To: backstage@lists.bbc.co.uk > Subject: Re: [backstage] iPlayer download client for the Mac > > Ryan Morrison wrote: >> You say "Didn't the Trust tell the BBC to produce download clients >> for > >> other platforms as soon as possible?" But didn't the Trust also set >> the conditions for DRM? > > It doesn't say how secure the DRM has to be. > And security wise it doesn't really need to be secure at all. After > all the Beeb are blasting the programs out of transmitters, in digital > form, at higher quality. Security is defined by "weakest link". So as > long as you make some small effort you're fine, you can't lower the > security any more than it is now because their is none. > > The BBC keeps saying "we need someone to write DRM for us", stop being > such a bunch of lazy people and do it yourself. Helpfully the BBC > pre-knows all the restrictions they want (so no need to actually > encode the rights data ;)). > > A *very* simple method: > > 1. Assign client software a key or set of keys (symmetric or > asymmetric doesn't really matter) 2. Take MP4* file prepend the files > broadcast date(s). > 3. Chose random symmetric encryption key 4. Cypher that data 5. > Prepend a copy of the symmetric key encrypted with each client encryption key 6. > Client decrypts with it's key and checks the broadcast date, if it's > over 7 days old it refuses to play. > 7. Job done, go to nearest pub (additionally actually test the > software > ;)) > > C = E_c1(k),E_c2(k),...,E_cN(k),E_k(T,P) > Where C_x donates encryption under key x. > c1,c2 to cN represents client keys 1 2 and N (repeat as needed) k is > the item (or episode key) P is the item (or episode) T is the > broadcast timestamp > > Decryption is left as an exercise for the reader^. > > As long as you don't use a Stream cypher the user will need to know > the items key to tamper with the broadcast date, and if they have that > key they can decrypt anyway! > > Might want to use some more complex method for encoding rights data. > > Weakness is the client key or item key could be compromised, but all > DRM schemes have this weakness. > > It's stronger than plaintext so no less secure the Digital TV. > > Could probably code that in a few days (provided you have some kind of > cryptography library available) > > * or any other format. > ^ if you really can't work out how to do it then ask, but you really > should have at least one person capable of understanding this > > >> The point here isn't so much that someone has made a download client >> but has made a download client that allows for the download of DRM >> free iPlayer files >> - which is against the terms the BBC have agreed for the iPlayer (I >> think that's right). > > The point is the BBC could have added a very simple DRM scheme and > have done the same thing. > >> Whether you agree with that or not - it is simple fact. > > Haven't seen the rights that the BBC have agreed. But if it says > "Windows DRM Only" I would strongly suspect that the agreement may be > illegal, particularly given EU vs Microsoft's ruling about tying. > Would the BBC care to show us all this alleged document that is tying > their hands? > >> And Jem isn't trying to censor the internet - just asking that you >> talk about 'getting around the DRM on iPlayer files' somewhere that > isn't run by the BBC. > > Trying to restrict discussion of certain topics isn't censorship? What > precisely do you call it then? > > Andy > - > Sent via the backstage.bbc.co.uk discussion group. To unsubscribe, > please visit > http://backstage.bbc.co.uk/archives/2005/01/mailing_list.html. > Unofficial list archive: > http://www.mail-archive.com/backstage@lists.bbc.co.uk/ > > - > Sent via the backstage.bbc.co.uk discussion group. To unsubscribe, > please visit http://backstage.bbc.co.uk/archives/2005/01/mailing_list.html. > Unofficial list archive: > http://www.mail-archive.com/backstage@lists.bbc.co.uk/ - Sent via the backstage.bbc.co.uk discussion group. To unsubscribe, please visit http://backstage.bbc.co.uk/archives/2005/01/mailing_list.html. Unofficial list archive: http://www.mail-archive.com/backstage@lists.bbc.co.uk/ - Sent via the backstage.bbc.co.uk discussion group. To unsubscribe, please visit http://backstage.bbc.co.uk/archives/2005/01/mailing_list.html. Unofficial list archive: http://www.mail-archive.com/backstage@lists.bbc.co.uk/
