Palladium Laptop
http://www.informationweek.com/blog/main/archives/2006/02/yes_trusted_ com.html Yes, Trusted Computing is used for DRM Ever since the Trusted Computing Group went public about its plan to put a security chip inside every PC, its members have been denying accusations that the group is really a thinly-disguised conspiracy to embed DRM everywhere. IBM and Microsoft have instead stressed genuinely useful applications, like signing programs to be certain they dont contain a rootkit. But at this weeks RSA show, Lenovo showed off a system that does use the chips for DRM after all. The system is particularly frightening because it looks so simple. Theres no 20-digit software key to type in, no dongle to attach to the printer port, no XP-style activation. (Is this what Bill Gates was thinking of when he said in his keynote that security needs to be easier to use?) The user interface is just a Thinkpad, albeit one of the new models with an integrated fingerprint sensor. When someone tries to open a DRM-restricted document (in this case, a PDF file: break that DRM and go to jail), Lenovo software asks the user to swipe a finger across the sensor. My finger results in an access denied message; the Lenovo security guys finger opens the document. If youve ever had a laptop stolen, this might sound useful. It is. In fact, encrypting hard disks or individual files is the main use that most vendors are promoting for the chip. Thinkpads have been able to do that since their IBM days, and now most other laptops can too. You can probably try it out by downloading software from your laptop manufacturers site, and Microsoft is building similar functionality into Vista as Palladium NGSCB Secure Startup BitLocker. The fingerprint sensor is also a good thing, if its just used for encryption. Its even good for privacy: It means that network servers can authenticate you based on your fingerprint, without sending any fingerprint data over the network. (How? You authenticate to the chip in your laptop with your fingerprint, then the chip authenticates to the server with a digital certificate.) But DRM goes beyond encryption. In the system that Lenovo demonstrated, the decision about who can do what with the file is made by whoever generates the PDF, not by the person or organization that owns the laptop. According to Lenovo, the system is also aimed at tracking who reads a document and when, because the chip can report back every access attempt. If you access the file, your fingerprint is recorded. That might also sound useful, provided of course that youre the one doing the recording and restricting. (Id love to be Big Brother! Wouldnt we all?) The problem is that you wont be. Even if we forget about media companies for the moment, and assume that DRM is just for businesses that need to protect their sensitive documents from disclosure by employees or outsourcing partners, its still a bad tradeoff. A DRM system may seem to empower whoever is setting the restrictions (in this case, the PDF creator), but thats just power by proxy. The real control lies with the hardware and software companies. Theyre the ones who actually enforce the DRM and have the encryption keys, so they can hold your data to ransom. DRM customers are already locked into a single vendor: A DRM-restricted Word document can only be read by Word (not OO.org, WordPerfect or Writely), just as a DRM-restricted iTunes download can only be played on an iPod. Present versions of Word and iTunes still let customers escape by using the Windows clipboard or a CD burner, but that capability can be removed at any time. Relying on DRM means trusting all the vendors involved (in this case, Microsoft, Adobe, Lenovo and its component suppliers) more than you trust the users of the system. You need to trust the vendors both morally and practically: Can Microsoft be trusted not to abuse its power? And can Microsoft be trusted to develop a system that isnt full of security holes? If youre a movie studio or a record label, the users are your customers. You probably do trust Microsoft and the TCG more than your customers, so DRM might make sense. But if youre an organization seeking to protect sensitive data, the users are your own employees and business partners. Are they really less trustworthy than Microsoft, its employees and its business partners? ___ http://www.mccmedia.com/mailman/listinfo/brin-l
Re: Semi-OTC Lasers
And more easily blind people than the class 1 lasers. Want to kill someone? Wait till he drives past on th efreeway, point the laser at his eyes and there he goes. The perfect crime, killing people with an intuitive point and click interface. I have a class 1 green laser rated at 4.99mW that I use for a star pointer which would likely be sufficient for that purpose. (Drives the cat crazy, too.) The downside of doing what you describe at night is that the beam of even a class 1 green laser is visible at night (the very reason it is useful for pointing out objects in the sky), so any witnesses would be able to describe where the beam came from. The laser Rob described is actually bright enough that the I was temporarily blinded by a red laser while traveling in a train (some years ago). I suppose one these normal laser pointers. The air was clear and I could not make out where the beam came from. I ssume that the beam was turned on before it hit me, that it took the operator a few seconds to home in. If I had noticed the beam (or the spot) before, I would have taken appropiate measures (having worked around industrial lasers of the cuts-though-concrete-walls variety, I am trained to extreme reactions at the sight of a laser beam getting close...). I didn't immediately realize what happened when the beam hit my left eye - it was the first time that I looked into a laser beam. Since then, I have a few black spots flyling before my left eye (such laser damage was described to me as being like flies flying in front of your eye, and now I can confirm that). A normal retinography shows nothings, but I can see it, close to the center of my field of view. Took me more than a year to get used to it. However, even temporary blinding will be a problem when, for example, entering a curve. Traffic in the opposite direction is very close, and during the curve entrace, it is not sufficient just to keep the steering wheel in position. Yup, there are people who enjoy throwing rocks from freeway bridges. People aleady got killed by that. Green lasers might be the new geek way to have such fun... - Klaus ___ http://www.mccmedia.com/mailman/listinfo/brin-l
Re: A Second Conviction
On 2/23/06, Robert G. Seeberger [EMAIL PROTECTED] wrote: I do not doubt Soffars guilt. My brother knew the guy, and he was a well know thug amongst the young people in Friendswood. Rob, Are you from Friendswood? Perhaps you told me back when Wes was killed... but that's his home town. I know the police chief there, as a result. He's an former Marine. I met the mayor, too, who didn't know how the town got its name, sadly. I'm fairly certain that the guy who killed Wes was not from Friendswood. I just returned from North Carolina, where I visited my family, with a side trip to meet Wes' crew chief, who was so badly injured by the same rocket that killed Wes that it is astonishing, miraculous, that he survived. He's doing okay now. It was a good meeting. Turns out Wes was killed by a 123mm rocket, not an RPG. His whole crew was hurt, but his crew chief was the most serious -- the most serious of his entire battalion. Now I know where it happened, what they were doing and so forth, which is good. His crew chief feels responsible -- he had just asked Wes to do something (start the vehicle) he could have done himself... thinks he should have. Very hard... Nick -- Nick Arnett [EMAIL PROTECTED] Messages: 408-904-7198 ___ http://www.mccmedia.com/mailman/listinfo/brin-l
Re: Palladium Laptop
embed DRM everywhere. IBM and Microsoft have instead stressed genuinely useful applications, like signing programs to be certain they don’t contain a rootkit. But at this week’s RSA show, Lenovo showed off a ROFLMAO! These applications are not real-world applications as we know them. Only very small programs can be made safe enough to get enough certification to be allowed to run in TPM. Having a tool like MS IE or MS Office inside the trusted zone would just mean compromize that security by opening holes to the untrusted outside. Btw, fingerprint sensors work only for maybe 95..98% of all the people. The rest has no usable fingerprints (yup, law enforcement agencies have quite a bit experience and knowledge about fingerprint identification...). Obviously, it's possible to make the sensors more tolerant, but this means less than safe. Typical fingerprint sensors can be fooled by a gummi bear (the original fingerprint which is copied to the bear may come from a water glass; these provide excellent fingerprint master copies). This is, of course, a good thing, because you can still access your documents after you injured your finger (provided you have a uncleaned glass with oyur fingerprints somewhere).. - Klaus ___ http://www.mccmedia.com/mailman/listinfo/brin-l
Re: Hello...
On 2/21/06, Charlie Bell [EMAIL PROTECTED] wrote: On Feb 22, 2006, at 2:45 PM, [EMAIL PROTECTED] wrote: Would that be Oz-tentacious? Glad to see the standard of puns hasn't improved since I was last here (um... 3 years ago? $deity knows...). What? You've been away? ;-) Welcome back. Nick -- Nick Arnett [EMAIL PROTECTED] Messages: 408-904-7198 ___ http://www.mccmedia.com/mailman/listinfo/brin-l
Re: Hello...
On Feb 25, 2006, at 5:42 AM, Nick Arnett wrote: On 2/21/06, Charlie Bell [EMAIL PROTECTED] wrote: On Feb 22, 2006, at 2:45 PM, [EMAIL PROTECTED] wrote: Would that be Oz-tentacious? Glad to see the standard of puns hasn't improved since I was last here (um... 3 years ago? $deity knows...). What? You've been away? ;-) Weirdest thing. Woke up by the side of the road somewhere, and it was 2006... Welcome back. Cheers Nick. *looks round* I like what you've done with the place. :) Charlie ___ http://www.mccmedia.com/mailman/listinfo/brin-l
Re: A Second Conviction
Nick Arnett wrote: On 2/23/06, Robert G. Seeberger [EMAIL PROTECTED] wrote: I do not doubt Soffars guilt. My brother knew the guy, and he was a well know thug amongst the young people in Friendswood. Rob, Are you from Friendswood? Perhaps you told me back when Wes was killed... but that's his home town. For a couple of years in the late 70s I lived across the street from Wes' old high school. Most of my siblings graduated there, though the youngest was a few years older than Wes. I lived in that house again for a couple of years in the early 90s, but that too was before Wes' time there. The house where I had the run in with Soffar was a different house a couple of miles away. I know the police chief there, as a result. He's an former Marine. I met the mayor, too, who didn't know how the town got its name, sadly. Friendswood was settled by Quakers.The Society Of Friends..It is hard to imagine anyone living there not being aware of that. The town has some history. My step-father, an engineer for Hughes Tool and later at NASA-JSC, was a Quaker and I suppose that is where I learned this. I'm fairly certain that the guy who killed Wes was not from Friendswood. Very unlikelyG I just returned from North Carolina, where I visited my family, with a side trip to meet Wes' crew chief, who was so badly injured by the same rocket that killed Wes that it is astonishing, miraculous, that he survived. He's doing okay now. It was a good meeting. Turns out Wes was killed by a 123mm rocket, not an RPG. His whole crew was hurt, but his crew chief was the most serious -- the most serious of his entire battalion. Now I know where it happened, what they were doing and so forth, which is good. His crew chief feels responsible -- he had just asked Wes to do something (start the vehicle) he could have done himself... thinks he should have. Very hard... Poor guy.:( Survivors guilt spreads thick or thin but can also spread very far. I hope he is getting some counciling. xponent Care For Survivors Too Maru rob ___ http://www.mccmedia.com/mailman/listinfo/brin-l
Re: Semi-OTC Lasers
At 10:11 AM Friday 2/24/2006, Klaus Stock wrote: And more easily blind people than the class 1 lasers. Want to kill someone? Wait till he drives past on th efreeway, point the laser at his eyes and there he goes. The perfect crime, killing people with an intuitive point and click interface. I have a class 1 green laser rated at 4.99mW that I use for a star pointer which would likely be sufficient for that purpose. (Drives the cat crazy, too.) The downside of doing what you describe at night is that the beam of even a class 1 green laser is visible at night (the very reason it is useful for pointing out objects in the sky), so any witnesses would be able to describe where the beam came from. The laser Rob described is actually bright enough that the I was temporarily blinded by a red laser while traveling in a train (some years ago). I suppose one these normal laser pointers. The air was clear and I could not make out where the beam came from. About the only way to make the standard red laser pointer beam visible is to be in a reasonably dark room (e.g., a lecture hall with the main room lights out and the main illumination being the lights on the blackboard or the light coming from a movie or video screen at the front upon which something is projected) and then to have the room filled with smoke or steam or to take a couple of dirty erasers off the chalk tray and clap them together to fill the air with chalk dust, and the beam won't stay visible for long. That's because the color of the beam is such a deep red (630-680nm, according to the label on the one I have here) that the human eye isn't very sensitive to it. The green ones lase at 532nm, which is near the wavelength (~550nm) where the human eye is most sensitive, so the beam from a green laser is much more visible than that from a red laser of the same power, making the beam from a class 1 green laser pointer visible in a dark room or outside at night (even when there are some lights not too far away) as it reflects off moisture and dust particles naturally present in the air. I ssume that the beam was turned on before it hit me, that it took the operator a few seconds to home in. If I had noticed the beam (or the spot) before, I would have taken appropiate measures (having worked around industrial lasers of the cuts-though-concrete-walls variety, I am trained to extreme reactions at the sight of a laser beam getting close...). I didn't immediately realize what happened when the beam hit my left eye - it was the first time that I looked into a laser beam. The first time I recall that happening was back in the early 70s when I was in one of the university physics labs and opened the door to the next lab (that building was designed in a square ring with most of the classrooms and faculty offices around the outside and the inside occupied by a series of interconnecting labs with the equipment room, power supply board, etc., in the middle) and discovered that someone had a low-power HeNe laser pointed at the other side of the door. (I think someone had taped a piece of white paper to the door to use for a screen to demonstrate diffraction patterns.) As an astronomer, I do keep a pretty close eye on my vision (:)), and I haven't noticed any damage from that or subsequent accidental exposures, although I do take care to avoid exposure. Since then, I have a few black spots flyling before my left eye (such laser damage was described to me as being like flies flying in front of your eye, and now I can confirm that). A normal retinography shows nothings, but I can see it, close to the center of my field of view. Took me more than a year to get used to it. However, even temporary blinding will be a problem when, for example, entering a curve. Traffic in the opposite direction is very close, and during the curve entrace, it is not sufficient just to keep the steering wheel in position. That's what I was thinking of, and indeed this green laser pointer I have would be more than sufficient for that purpose. At night, shining it into another room with light-colored walls or ceiling illuminates the other room just as well as shining a flashlight in there would. Yup, there are people who enjoy throwing rocks from freeway bridges. People aleady got killed by that. Including a professor at another university here in Alabama a few years ago when an iirc 10-lb rock came crashing through her windshield. Green lasers might be the new geek way to have such fun... I fear that will be so. Particularly now that the prices for class 1 green lasers are significantly less than $100. (They are still considerably more expensive than common red laser pointers because to get the green color requires a 2-step process: the first step generates an infrared laser beam at 1064nm, then the second step doubles the frequency to get the green wavelength of 532nm. This also makes them
New cosmic outburst detected
http://www.space.com/scienceastronomy/060223_explosion.html NASA Detects 'Totally New' Mystery Explosion Nearby Possible supernova in Aries. Julia ___ http://www.mccmedia.com/mailman/listinfo/brin-l
Re: Semi-OTC Lasers
P.S. It's pretty well overcast tonight. Unlike the spotlight someone has going to the NE of here, my pointer will not reach far enough to put a visible spot on the clouds. It will suffice, however, to mark any branch on any tree visible from here. --Ronn! :) Since I was a small boy, two states have been added to our country and two words have been added to the pledge of Allegiance... UNDER GOD. Wouldn't it be a pity if someone said that is a prayer and that would be eliminated from schools too? -- Red Skelton (Someone asked me to change my .sig quote back, so I did.) ___ http://www.mccmedia.com/mailman/listinfo/brin-l
RE: Hello...
Charlie wrote: Weirdest thing. Woke up by the side of the road somewhere, and it was 2006... This Monday I received a huge shock. Tuesday there was another shock lying in wait for me. By Tuesday evening I was hoping that the Universe pays attention to someone else for a few more days. Wednesday morning I saw your mail here and thoght, I am delusional... ;) Ritu GCU Are you on ICQ these days? ___ http://www.mccmedia.com/mailman/listinfo/brin-l
