On Tuesday 06 June 2006 16:26, Jonas Koelker wrote: > On Mon, Jun 05, 2006 at 04:24:32PM +0200, Lourens Veen wrote: > > How about this one then. You want to order a video card from the > > Traversal Technology web shop. For that, the shop needs your > > address, so they can send you the package, and your credit card > > number, so they can charge you. Of course, you don't want them to > > pass on that information to anyone else. So, you encrypt it, and > > require them to use software that won't let them do anything with > > the information but send you a package and charge you. > > > > Of course, they would have to agree to use such software, and it > > would have to be open source so that you could check whether it > > works correctly. > > If the software is free (|| open source) to them, there's nothing > stopping them from modifying it, and the situation is the same as > without DRM: you have to trust whomever you trade with.
There's nothing stopping them from modifying it, except that the signature will have changed and the TPM chip in their computer won't decode my data and give it to the programme. I'm not sure about others, but I'm not talking about the software DRM that's being used these days. That's snake oil. You can't protect something from an attacker when the attacker is the same as the receiver. Hardware DRM changes that: the DRM chip (TPM I think Intel calls it) is the receiver, and the user is the attacker. The only way to get through then is if there's a vulnerability in the signed binary. > In fact, I think it's probably better if they're bound to not give > away your personal information, rather than them being bound to be > *unable* to give your personal information away: in both cases, > they're promising to refrain from some action that's easily possible. They should be bound not to do that, but could you afford to sue? Lourens
pgpB8Z8sPt1lO.pgp
Description: PGP signature
_______________________________________________ Open-graphics mailing list [email protected] http://lists.duskglow.com/mailman/listinfo/open-graphics List service provided by Duskglow Consulting, LLC (www.duskglow.com)
