DVR and law

Big Bob said:
*Given enough time and computing power. Both of which are finite. If the key is complex enough, you will run out of time (you will die) trying to crack the key using the available computing power. You can increase both by getting many people and computers to work together on the problem, but in the end, there is only so much computing power and so many people.
But computing power increases almost daily, and with the Internet and distributed computing, you can get millions of people involved very easily.

Remember: In WWII, the Germans had encryption (Enigma); we had linguistic code (the Navajo Code Talkers). The Allies cracked Enigma at Bletchley Park; but the Axis never knew they needed Navajos to crack the Allied code, so it was NEVER cracked. So history proves NightRyder is right...
 
Big Bob said:
*Given enough time and computing power. Both of which are finite. If the key is complex enough, you will run out of time (you will die) trying to crack the key using the available computing power. You can increase both by getting many people and computers to work together on the problem, but in the end, there is only so much computing power and so many people.

All it takes is one kid in say, Denmark, with a single PC, enough time and incentive and who doesn't know it's impossible to decode without a thousand supercomputers running a hundred years. Sound familiar? We've heard this "unbreakable encryption" crap all before. It didn't mean anything then and it doesn't mean anything now.


NightRyder
 
Ken F. is technically right, but....

Ken- you did such a nice job of explaining the technical aspects of the BF that I wouldn't be surprised if you were in the "industry" :). BUUUUUUUT, you were a bit disingenuous in some areas.

First, it is important to tell everybody concerned about this issue that the BF is still in what the FCC calls a "proposal" stage - that is, the exact rule has not been finalized and they are still soliciting comments about how the BF will be implemented. That means that, despite the stated intentions to not require the BF in certain scenarios, that can, and indeed probably will, change after they are paid off....errrr, lobbied by the "content industry". So, in short, no one, including the FCC, even knows what the final implementation of the BF will be like.

Second, your statement that the FCC has expressly disclaimed ever implementing the "Copy Never" flag is true only for "standard" OTA (i.e. free TV) broadcasts. The FCC clearly states in the BF proposal that this option can indeed be implemented/imposed by MCVD's (satellite and cable operators). Since almost 90% of U.S. households (I believe that the exact number is 87.5%) get their TV from a "pay source", that means that a whole boatload of people could/will be denied their fair use rights for content they have legally "purchased" (via their subscription fee).

Third, your explanation of the stated "prevention of internet distribution of content" is correct, as far as it goes. But, nowhere in the BF proposal does it state how a device can be "hooked" to the internet, or what constitutes an "internet capable" device. I can (and do) hook my 510 to my home PC via composite cables and my PC is connected to the internet. Does that mean my 510 is "hooked" to the internet? To the MPAA, it damn sure does. The problem with your pat statement that "standalone devices will not be affected by the BF" is that there is absolutely no evidence of that. Without laying out details and definitions, nobody can know how the final BF implementation will run. In fact, the FCC (Powell in particular) has already publicly acknowledged that cable and satellite operators will most likely "Copy Never" flag PPV content, which means that none of us will be able to record that PPV that we PAID for. Extending the MPAA's stated intention to prevent the transfer of content (both digitally and by analog means) then there is every reason to believe that this "copy protection" could indeed be extended to standalone devices (yes, even to the internal HD of a DVR) by the time that the BF actually goes into effect in June 2005. As I'm sure that you know, the BF is simply a bit in the digital TV (OTA, sat or cable) bitstream - this bit will be checked for its setting in every hardware device that "touches" the bitstream (including the TV itself). It would be a trivial matter to check the BF bit BEFORE (probably in the buffering stage) the DVR allows it to go to the hard drive.

Fourth, since you sound familiar with the 5C/HDCP (which predates the BF proposal) system, then you probably realize that the FCC-mandated BF proposal is based very much along the lines of the 5C system (in fact, you could say that it was the 5C system/folks that "inspired" the FCC). And the 5C system is designed to lock the bitstream down at every level that it touches to ensure compliance. This is what the original CPWG (Copy Protection Working Group - Hollywood's special task force that originally designed the BF and bribed the FCC to implement) BF proposal mandated - a complete "strip search" of the bitstream at every level to scour out "noncomplying" devices. In short, the final implementation of the BF will probably be closer to its "5C-like" original intention rather than the more "public friendly" version proposed by the FCC.

Finally, please do not take this post as a flame or a personal attack; actually, I commend you b/c you sound as if you have actually read the BF proposal, which many commenters on this issue have not. I just want to make sure that everybody who cares about this issue understands that the final implications of the BF proposal are not known at this time and that your rather rosy forecast of a world where "Big Content" loves the American people and generously decides to "allow" us our complete and unfettered fair use rights is at best, wildly optimistic and at worst, deliberately deceiving. Thanks for reading.

Brian
 
NightRyder said:
All it takes is one kid in say, Denmark, with a single PC, enough time and incentive and who doesn't know it's impossible to decode without a thousand supercomputers running a hundred years. Sound familiar? We've heard this "unbreakable encryption" crap all before. It didn't mean anything then and it doesn't mean anything now.


NightRyder
Absolutely; read my post right above yours. In fact, the Germans thought preventing duplicate keys made Enigma "unbreakable"; but it turned out to be the weakness that enabled Bletchley Park to crack it, because it made the keys less than 100% random.
 
RBBrittain said:
But computing power increases almost daily, and with the Internet and distributed computing, you can get millions of people involved very easily.

Remember: In WWII, the Germans had encryption (Enigma); we had linguistic code (the Navajo Code Talkers). The Allies cracked Enigma at Bletchley Park; but the Axis never knew they needed Navajos to crack the Allied code, so it was NEVER cracked. So history proves NightRyder is right...


For every increase in computing power, just add a few more bits to the key. For every additional person working together to crack a key, just add a few more bits. You will run out of computing power and people before I run out of bits.

Of course, once all those bits have been added and the key becomes long enough, consumer products will not have the power to use the key. So a trade off must be made. Such a trade off is why

NightRyder said:
All it takes is one kid in say, Denmark, with a single PC, enough time and incentive ...

There will always be more available computer power and people than any consumer device could handle.


To most properly state this,
Anything encrypted has a key. Any consumer device with a key can be cracked.


BTW,
It really isn't that easy to get Millions to work together. Hundreds, yes. Thousands, a bit harder. Millions, definitely not easy. (And please don't use SETI @ home as an example. That was not easy to accomplish.)
 
My WWII example was NOT a consumer device; it was military encryption. Enigma may not have been as strong as 128-bit SSL, but then Alan Turing and the others at Bletchley Park didn't have PCs on their desk to crack it either. (Though one of the best candidates for "first computer" was one of the machines developed at Bletchley Park to help crack Enigma.)

My point was, as the computing power for MAKING the keys grows, so does the computing power for CRACKING them. Yes, it may take a very long time to hack the key--but that's just for "brute force" hacking, that is, trying every possible combination until it works. All you have to do is find the ONE correct key, and you're in; it may take millions of years, but it could just as easily be ONE TRY. And if you find a weakness (such as Enigma's lack of repeat keys), that can reduce the time exponentially.

Sorry, but SETI@home is a GOOD example. (So was the original Napster.) Perhaps it took a lot of brains to make it in the first place; but once that genius is reduced to a file and spread out over the Net, it becomes very easy. Just like cracking a key: Once one person cracks it and publishes the solution (like the kid in Norway who wrote DeCSS), "unbreakable" code becomes just a paperweight.

Of course, part of what you say is true: 128-bit SSL is crackable; but it works for e-commerce and online banking, because it takes so much time and equipment to hack that it's much easier and cheaper to buy lots of credit card numbers from a dumpster-diver than to hack your online session to get just one. (Even the hackers have easier means of attack, like phishing, or just hacking into the site itself.) But when the encrypted file is the latest Hollywood blockbuster instead, the social engineering aspect is more like military communications than online banking...
 
