Re: Paying for drinks with wave br of the hand
R. A. Hettinga wrote: http://worldnetdaily.com/news/printer-friendly.asp?ARTICLE_ID=38038 WorldNetDaily Wednesday, April 14, 2004 YOUR PAPERS, PLEASE ... Paying for drinks with wave of the hand Club-goers in Spain get implanted chips for ID, payment purposes Posted: April 14, 2004 5:00 p.m. Eastern 2004.12.18: A new crime is sweeping the nation. Criminals everywhere are now cloning implanted chips of passerby well to do rich. Some have been caught hiding outside the bushes of the rich with a high powered RFID transponder, waiting for their victims to drive by. Congress has been presented with a bill outlawing all RFID readers, except by store owners. 2005.03.22: In the news today, actress Jennifer Lopez has been found dead in a dumpster near a shady street with her hand severed. Her American Express implant chip records show that unscrupulous fiends have ran up several million dollars in bar tabs all over downtown Los Angeles, and several large money wire transfers to Saudi Arabia, Afghanistan, and Iran. Ms. Lopez apparently instructed AMEX to remove all her daily spending limits on her credit chip after her chip refused her intended purchases at her local Porsche dealer. A recorded conversation with AMEX customer support reveals she believe it cramped her style. The FBI is searching for her killers. Special Agent Tom Jones said that no further information will be made available at this time, as that the FBI does not wish to comment on an ongoing investigation since it may aid the perpetrators, and that citizens should switch to cash immediately. Random J. Citizen on the street commented: 'Well, what do you expect? Congress Outlawed RFID readers, and now the thugs have resorted to chopping off hands.' Meanwhile thousands of implanted citizens are suing American Express for refusing to allow removal of their credit card chips, some demanding billions of dollars for their severed hands. 2006.03.23: In an unsurprising move today, CEO Jim Jones of American Express Corporation has stepped down after his company recently filed for Chapter 11 protection after Visa Corporation backed out of purchase negotiations. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Software protection scheme may boost new game sales
Yawn... This is no different than any of the copy protection schemes employed in the 1980's on then popular home computers such as the commodore 64. Hindsight is 20/20 and recalls, all of these were broken within weeks if not months. Nibbler copiers and other programs were quickly built that allowed the breaking of all of these systems. All sorts of error sectors, duplicate tracks, half tracks, extra tracks, extra sectors, non-standard sized sectors, tracks written at different speeds, erroneous checksums, hidden data, and other sorts of weird bits were employed. All were broken. None survived the ages. In the end, the companies that employed copy protection only managed to piss off customers who lost their only copy of the software, and created a market for the copiers and crackers. The crackers won, the software companies lost. Few of the companies of that era are still in business today. CEO's, Vulture Capitalists, and others who have an interest in such schemes would do well to invest some time in learning about that time, and the results, for their investments, and dollars will go the same way... the way of the brontosaurus, the trilobite, and the dodo. Let them try, if they wish to burn their money. As far as I'm concerned, I'll vote with my wallet as usual and only run open source, free software. If the moronic kids at whom these titles are aimed have the $50-$70 per title to waste on self destructing, flavor of the month games, they are certainly free to spend that money to their heart's desire. Not a dime from my wallet will wind up in their pockets - except perhaps indirectly: the next time I buy my next burger, no, I don't want fries with that, no, I don't want to supersize it, my $5 eventually makes a small contribution to the salary of the burger flipper, which in turn is applied to the purchase of said game. :) I've not read the said article just yet, but from that direct quote as the copy degrades... I can already see the trouble with this scheme: their copy protection already fails them. They allow copies to be made and rely on the fact that the CDR or whatever media, will eventually degrade, because their code looks like scratches... Rggghtt. If you can make one copy, you can make many, and you can certainly store the ISO in compressed form on a normal CD to make more copies later. CDR's are what? $0.20@ these days? Hell, you can even get one of those virtual CDROM programs to mount the CD's as if they were CD's, and store the ISO on a hard drive, or DVD-R instead. Hard drives are already in the 250-500GB range these days. So their scheme is already flawed and doomed from the start. It seems to me that people that engage in treating their customers like theives to begin with lack a vital ingredient for making money: common sense. --Kaos-Keraunos-Kybernetos--- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ --*--:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD.\|/ + v + : The look on Sadam's face - priceless! [EMAIL PROTECTED] http://www.sunder.net On Sat, 11 Oct 2003, Steve Schear wrote: Companies are using a new software protection system, called Fade, to protect their intellectual property from software thieves. Fade is being introduced by Macrovision, which specializes in digital rights management, and the British games developer Codemasters. What the program does is make unauthorized copies of games slowly degrade, by exploiting the systems for error correction that computers use to cope with CD-ROMs or DVDs that have become scratched. Software protected by Fade contains fragments of subversive code designed to seem like scratches, which are then arranged on the disc in a pattern that will be used to prevent copying. Bruce Everiss of Codemasters says, The beauty of this is that the degrading copy becomes a sales promotion tool. People go out and buy an original version. (New Scientist 10 Oct 2003) http://www.newscientist.com/news/news.jsp?id=ns4248 - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Johns Hopkins Physics Lab System Detects Digital Video Tampering
And what stops an attacker from taking that digital video, stripping off the RSA(?) signatures (I'll assume it's just signed), editing it, creating another, random, one time private key, destroying that private key after resigning it, and offering it up as unedited?!?!?!?! They've either obviously not relesed all the details about this method, since you have no way to validate that the presented public key was created by their camcorder. So how would you prove that something came from a particular camera? Do you cripple the private key somehow to be able to identify it? Do you sign it twice? If you do, then a more permanent private key lives in the camcorder and can be extracted to also produce fake keys, etc... Either that, or this gets a nice wonderful SNAKE OIL INSIDE sticker slapped on it. :) Even more obvious: What stops an attacker from taking the camcorder apart, disconnecting the CCD output, then hooking up an unsigned edited video signal to it, and recording as a signed video? IMHO, it has an aroma rich with viperidae lipids. --Kaos-Keraunos-Kybernetos--- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ --*--:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD.\|/ + v + : The look on Sadam's face - priceless! [EMAIL PROTECTED] http://www.sunder.net On Mon, 29 Sep 2003, R. A. Hettinga wrote: Of course, if it's is just signed-frame video, prior art doesn't begin to describe this. Cheers, RAH -- http://www.sciencedaily.com/releases/2003/09/030929054614.htm Science Daily Source : Johns Hopkins University Date : 2003-09-29 SNIP One key, called a private key, is used to generate the signatures and is destroyed when the recording is complete. The second, a public key, is used for verification. To provide additional accountability, a second set of keys is generated that identifies the postal inspector who made the recording. This set of keys is embedded in a secure physical token that the inspector inserts into the system to activate the taping session. The token also signs the Digital Video Authenticator's public key, ensuring that the public key released with the video signatures was created by the inspector and can be trusted. SNIP - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: An attack on paypal -- secure UI for browsers
Yes, NOW if you can load yourself into kernel space, you can do anything and everything - Thou Art God to quote Heinlein. This is true of every OS. Except if you add that nice little TCPA bugger which can verify the kernel image you're running is the right and approved one. Q.E.D. Look at the XBox hacks for ideas as to why it's not a trival issue, but even so, one James Bond like buffer overflow in something everyone will have marked as trusted (say IE 8.0, or a specially crafted Word 2005 macro), and the 3v1l h4x0r party is back on and you iz ownz0red once more. It's not enough to fear Microsoft, you must learn to love it. Give us 2 minutes of hate for Linux now brother! --Kaos-Keraunos-Kybernetos--- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ --*--:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD.\|/ + v + : The look on Sadam's face - priceless! [EMAIL PROTECTED] http://www.sunder.net On Tue, 10 Jun 2003, Rich Salz wrote: But if the system is rooted, then the attacker merely has to find the today's secret word entry in the registry and do the same thing. Unless Windows is planning on getting real kernel-level kinds of protection. It was none other than Microsoft's NGSCB, nee Palladium. See http://news.com.com/2100-1012_3-1000584.html?tag=fd_top: See previous sentence. :)