×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Would You Secure Personal Data With DRM Tools?

Soulskill posted about 6 months ago | from the enemy-of-my-enemy-is-my-friend dept.

DRM 101

museumpeace writes "From its own EmTech conference, Technology Review reports on a privacy strategy from Microsoft's Craig Mundie: When sharing music online took off in the 1990s, many companies turned to digital rights management (DRM) software as a way to restrict what could be done with MP3s and other music files — only to give up after the approach proved ineffective and widely unpopular. Today Craig Mundie, senior advisor to the CEO at Microsoft, resurrected the idea, proposing that a form of DRM could be used to prevent personal data from being misused." Mundie also thinks it should be a felony to misuse that data. He thinks larger penalties would help deter shady organizations from harvesting data the user isn't even aware of. "More and more, the data that you should be worried about, you don’t even know about."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

101 comments

Considering the logical consequences (0)

Anonymous Coward | about 6 months ago | (#45104233)

of the general perception in corporations of PDF = cannot be edited, this is a very dangerous proposition.

Re:Considering the logical consequences (2)

chromas (1085949) | about 6 months ago | (#45104289)

Besides, isn't most of the misuse being done by companies like Microsoft? Companies whose Agree button we already click to give permission to do whatever they want with our secret datums in order to use their soivices (especially the free ones). Well, them and all the trackers but they're unscrupulous anyway.

Re:Considering the logical consequences (1)

Penguinisto (415985) | about 6 months ago | (#45104587)

Besides, isn't most of the misuse being done by companies like Microsoft?

Well, not directly... but yeah.

Re:Considering the logical consequences (0)

Anonymous Coward | about 6 months ago | (#45106789)

Well, not directly

Skype allows the government to monitor way more than just your calls and messages. It can also access your browser data such as bookmarks and plugins as well as other data on your computer.

Skype is being investigated by Luxembourg's data protection commissioner over concerns about its secret involvement with the US National Security Agency (NSA) spy programme Prism, the Guardian has learned.
The Microsoft-owned internet chat company could potentially face criminal and administrative sanctions, including a ban on passing users' communications covertly to the US signals intelliigence agency.

http://www.theguardian.com/technology/2013/oct/11/skype-ten-microsoft-nsa?CMP=twt_gu [theguardian.com]

Re:Considering the logical consequences (1)

Penguinisto (415985) | about 6 months ago | (#45104575)

The false sense of security is only one reason why this is dangerous as hell
(seriously, *any* form of DRM can eventually be cracked. It's just a question of motivation and resources.)

The biggest problem is that once implemented... ... it'd likely be used as some form of identification (as opposed to ordinary recognition/paper IDs)and, ... the data becomes irretrievable (to the average individual) by anything other than the tools used to build it.

This means that in total, for all practical/commercial intents and purposes, you're stuck with lock-in on one hell of a scale. I bet that Microsoft would be more than happy to be the company that gets to make those locks, no?

Re:Considering the logical consequences (1)

Bengie (1121981) | about 6 months ago | (#45104639)

Exactly. If you want to know if the data has been modified, digitally sign it, but don't rely on DRM to keep people from modifying the data, just check to see if it was modified.

Hey, this DRM don't work --- (0)

Anonymous Coward | about 6 months ago | (#45104247)

I know... let's repackage it as privacy.

Re:Hey, this DRM don't work --- (1)

Golddess (1361003) | about 6 months ago | (#45104409)

It sounds more like, for lack of a better term, "reverse" DRM.

Alice is trying to give data to Bob, but not give it to Chuck. Problem is, Bob and Chuck are the same person.

In "normal" DRM, Alice is a big corporation, and I am Bob/Chuck.

In "reverse" DRM, I am Alice, and the big corporation is Bob/Chuck.

Though all that said, yes, it does sound like a step towards getting people to accept "normal" DRM.

Re:Hey, this DRM don't work --- (1)

wagnerrp (1305589) | about 6 months ago | (#45104505)

DRM only works when you provide the data, and that data is difficult to reproduce. There's always the "analog hole", and the data you give a company that could potentially be protected by DRM would be transcribed in just a few minutes by some lowly data entry employee. That data is miniscule compared to the volumes of data on behavioral patterns that are collected completely outside your control.

Record personal info as songs (1)

Anonymous Coward | about 6 months ago | (#45104259)

Record personal info in songs and sue any companies that sell them as copy infringement. Also use DMCA to force website to take down your info - they copied my lyric!

clever trick (5, Insightful)

duckintheface (710137) | about 6 months ago | (#45104407)

When Microsoft suggests anything to "protect" the user, I immediately look for the trap. In this case it's easy to find. When DRM violations are made a felony, it won't be a felony only when the violated party is the user. This is a back door way to make DRM violations against big corporations a felony. This has nothing to do with protecting users and everything to do with helping corporations.

Re:clever trick (1)

Jane Q. Public (1010737) | about 6 months ago | (#45104463)

"This is a back door way to make DRM violations against big corporations a felony. This has nothing to do with protecting users and everything to do with helping corporations."

I agree that it should probably be a felony to gather or misuse personal data. I do not think felony should be applied to copyrighted works. Very big difference, there.

Currently, "downloading" (making copies of copyrighted works for personal use), is not even a crime. Nor should it be. Piracy, however, which is a legal term referring to copying for profit (e.g., making bulk copies and selling them), IS a crime and probably should be.

But they are not the same things, despite the industry's attempts to deliberately confuse them.

Re:clever trick (2)

fredprado (2569351) | about 6 months ago | (#45104609)

But they are not the same things, despite the industry's attempts to deliberately confuse them.

The problem the GP points to is that they will be confused into the same thing sooner or later.

Re:clever trick (1)

duckintheface (710137) | about 6 months ago | (#45104879)

"I agree that it should probably be a felony to gather or misuse personal data. I do not think felony should be applied to copyrighted works. Very big difference, there."--- Jane Q. Public

I agree with eveything you say... but how do you make the legal distinction? If "corporations are people my friends", then corporate data IS personal data. The evil starts by pretending that corporations have rights. Corporations have priviledges and responsibilities but they don't have rights because they are NOT people.

Re:clever trick (1)

Jane Q. Public (1010737) | about 6 months ago | (#45106493)

" If "corporations are people my friends", then corporate data IS personal data. The evil starts by pretending that corporations have rights. Corporations have priviledges and responsibilities but they don't have rights because they are NOT people."

I agree. And who promoted that evil? The Supreme Court.

What many people (and even SCOTUS) don't seem to realize is what an enormously hypocritical concept that is. If corporations have "rights", then the vast majority of government regulation of corporations is unconstitutional! If the corporation is a person, and has rights, then if it's 18 years old it can vote! As ridiculous as that sounds, that's what they're saying.

They can have one, but they can't have both. Sooner or later, that particular house of cards will come down.

Re:clever trick (1)

Nerdfest (867930) | about 6 months ago | (#45106809)

I keep saying that it should also preclude these layered (for tax purposes, etc) corporations as if corporations are people then one corporation owning another is slavery. It would also help stop them from hiding behind shells for legal liability.

Re:clever trick (0)

Anonymous Coward | about 6 months ago | (#45104659)

When corporations talk about protecting customers they mean from the point of view of the company. That is, the protection they want to provide is one against their customers taking their business elsewhere.

Harsher penalties, that's the ticket (3, Insightful)

fustakrakich (1673220) | about 6 months ago | (#45104267)

You know, because it works so well, it has completely wiped out the drug trade, and there's no more murders now with our fancy death penalty. Prison for all! Lock 'em up before they commit the crime. That's even better. When you're born, it's straight to jail, until you have rehabilitated yourself.

Re:Harsher penalties, that's the ticket (0)

Anonymous Coward | about 6 months ago | (#45104319)

Ah yes, the modern return of Original Sin. I suppose it's only a matter of time.

Sedition! (0)

Anonymous Coward | about 6 months ago | (#45104325)

You unamerican has been, to hell with you. Our war on drugs if for children. Don't you understand? And our war on the instructor that would misuse a text file containing information about your son's favorite color will be for much the same reason. Children. They're the future.

Re:Sedition! (1)

evilviper (135110) | about 6 months ago | (#45104401)

You unamerican has been, to hell with you. Our war on drugs if for children. Don't you understand?

Nope. I can honestly say I don't. Not a single word.

Re:Harsher penalties, that's the ticket (1)

Anonymous Coward | about 6 months ago | (#45104331)

When you're born, it's straight to jail, until you have rehabilitated yourself.

You're being overly dramatic. Kids don't start public schooling until they're five.

Re:Harsher penalties, that's the ticket (0)

Anonymous Coward | about 6 months ago | (#45104347)

Yeah harsher penalties for installing Windows. That crap needs to stop yesterday. That's where much of the data leaks are coming from in the first place. Until we address the source, things aren't going to get better.

Re:Harsher penalties, that's the ticket (0)

Anonymous Coward | about 6 months ago | (#45104779)

You know, because it works so well, it has completely wiped out the drug trade,

There is a big difference between instituting harsher penalties for something that fails to work and making it A crime to misuse data.
Right now, there is really no deterrent to people screwing with your personal info. Perhaps if there was, companies would be more careful in using it only as needed.

MicroSlaw, a satire I sent to the USDOJ in 2002 (1)

Paul Fernhout (109597) | about 6 months ago | (#45105331)

http://www.pdfernhout.net/microslaw.html [pdfernhout.net]

This was originally posted to Slashdot on May 25 2002:
        http://slashdot.org/comments.pl?sid=33107&cid=3582999 [slashdot.org]
It was in relation to an article: "MPAA to Senate: Plug the Analog Hole!"
about the MPAA wanting copyright protection built into all computer hardware. I sent a copy to Richard Stallman back then and he said it made him laugh. :-) My comments to the Department of Justice request for comments were in the form of this satire:

Transcript of April 1, 2016 MicroSlaw Presidential Speech (Before final editing prior to release under standard U.S. Government for-fee licensing under 2011 Fee Requirements Law)

My fellow Americans. There has been some recent talk of free law by the General Public Lawyers (the GPL) who we all know hold un-American views. I speak to you today from the Oval Office in the White House to assure you how much better off you are now that all law is proprietary. The value of proprietary law should be obvious. Software is essentially just a form of law governing how computers operate, and all software and media content has long been privatized to great economic success. Economic analysts have proven conclusively that if we hadn't passed laws banning all free software like GNU/Linux and OpenOffice after our economy began its current recession, which started, how many times must I remind everyone, only coincidentally with the shutdown of Napster, that we would be in far worse shape then we are today. RIAA has confidently assured me that if independent artists were allowed to release works without using their compensation system and royalty rates, music CD sales would be even lower than their recent inexplicably low levels. The MPAA has also detailed how historically the movie industry was nearly destroyed in the 1980s by the VCR until that too was banned and all so called fair use exemptions eliminated. So clearly, these successes with software, content, and hardware indicate the value of a similar approach to law.

There are many reasons for the value of proprietary law. You all know them since you have been taught them in school since kindergarten as part of your standardized education. They are reflected in our most fundamental beliefs, such as sharing denies the delight of payment and cookies can only be brought into the classroom if you bring enough to sell to everyone. But you are always free to eat them all yourself of course! [audience chuckles knowingly]. But I think it important to repeat such fundamental truths now as they form the core of all we hold dear in this great land.

First off, we all know our current set of laws requires a micropayment each time a U.S. law is discussed, referenced, or applied by any person anywhere in the world. This financial incentive has produced a large amount of new law over the last decade. This body of law is all based on a core legal code owned by that fine example of American corporate capitalism at its best, the MicroSlaw Corporation.

MicroSlaw's core code defines a legal operating standard or OS we can all rely on. While I know some GPL supporters may be painting a rosy view of free law to the general public, it is obvious that any so called free alternative to MicroSlaw's legal code fails at the start because it would require great costs for learning about new so-called free laws, plus additional costs to switch all legal forms and court procedures to the new so called free standard. So free laws are really more expensive, especially as we are talking here about free as in cost, not free as in freedom.

In any case, why would you want to pay public servants like those old time -- what were they called? -- Senators? Representatives? -- around $145K a year out of public funds just to make free laws? Laws are made far more efficiently, inexpensively and, I assure you, justly, by large corporations like MicroSlaw. Such organizations need the motivation of micropayments for application, discussion or reference of their laws to stay competitive. MicroSlaw needs to know who discusses what law and when they do so, each and every time, so they can charge fairly for their services and thus retain their financial freedom to innovate. And America is all about financial freedom, right! [Audience applause].

And why should your hard earned tax dollars go to pay public citizens to sit on juries and render open justice when things could be done so much more quickly and cheaply by commercial organizations working behind closed doors? Why, with free law each and every one of you might have to take time out of your busy schedules to sit in a court room and decide the guilt or innocence of a peer!

And why pay a judge's salary out of taxes, such has been proposed? Judges clearly should be compensated on a royalty basis by anyone referencing decisions a judge produces. This encourages judges to swiftly produce more decisions as well as decisions that big legal corporations like MicroSlaw want to cite more often, which is good for the economy.

Top law schools would have to shut their doors if most law was not proprietary, as who would pay $100,000 up front to join a profession where initiates release their work mainly into the public domain? Obviously there would no longer be any legal innovation without private laws requiring royalties when discussed, since who would spend their time writing new laws when there is no direct financial return on their investment?

And of course, lawyers will not be paid well without earning royalties on private laws, since if they can't sell all royalty rights to their legal work directly to large corporations, how will they make a decent living? Why, even if public money is spent on developing laws, say, at universities, it is clear such laws will not be respected, further developed, or widely distributed unless somebody owns those laws too and so can make money from selling access to them. It's beyond me why people sometimes act like there could be a spirit of volunteerism in this great land of ours after all the effort we have put into stamping that out, such as by making it illegal to help someone for free. Also, since the Internet had to be shut down early in this administration to prevent children from viewing pornography without paying, distribution of new information will always be expensive.

Each lawyer out there should remember to uphold the current proprietary legal system, because you too may win the law lottery and become as rich and famous as the founder of MicroSlaw -- but only if you start with a trust fund! [Indulgent audience laughter]

I know some lawyers out there are concerned about being replaced by the lawyers most major law corporations are now importing from India and China. Let me assure you, this does not threaten your livelihood, because there is currently a lawyer shortage restricting our economic growth, and those Indian and Chinese lawyers have extensive resumes indicating years of experience developing U.S. laws. For you business people out there, it is also my understanding those imported lawyers make model workers because they can't easily change jobs. Thus I have supported removing all restrictions on bringing over such imported lawyers, in an effort to stimulate economic growth in this fair land of ours.

[Inaudible shouted question] Citizenship? Naturally we would not want to offer such imported lawyers any form of citizenship when they come over because they are not Americans -- that should be obvious enough. We're hoping they go back to where they came from after we are done with them, since there are always eager workers in another country we can later exploit at lower wages, I mean provide economic enhancement opportunities for. Besides, dammit, have you seen the color of their skin?

[Inaudible shouted question] Ageism? I remind everyone here that, obviously, as has been conclusively shown by studies MicroSlaw itself has so charitably funded, older American lawyers can not be retrained to know about new laws, so I implore all lawyers as patriots to plan to learn a new profession after age thirty-five so you do not become a burden on your beloved country.

[Inaudible shouted question] Prisons? There are only a million Americans behind bars for copyright infringement so far. No one complained about the million plus non-violent drug offenders we've had there for years. No one complained about the million plus terrorists we've got there now, thanks in no small part to a patriotic Supreme Court which after being privatized upheld that anyone who criticizes government policy in public or private is a criminal terrorist. Oops, I shouldn't have said that, as those terrorists aren't technically criminals or subject to the due process of law are they? Well it's true these days you go to prison if you complain about the drug war, or the war on terrorism, or the war on infringers of copyrights and software patents -- so don't complain! [nervous audience laughter] After all, without security, what is the good of American Freedoms? Benjamin Franklin himself said it best, those who don't have security will trade in their freedoms.

I'm proud to say that the U.S. is now the undisputed world leader in per capita imprisonment, another example of how my administration is keeping us on top. Why just the other day I had the U.N. building in New York City locked down when delegates there started talking about prisoner civil rights. Such trash talk should not be permitted on our soil. It should be obvious that anyone found smoking marijuana, copying CDs, or talking about the law without paying should face a death penalty from AIDS contracted through prison rapes -- that extra deterrent make the system function more smoothly and helps keep honest people honest. That's also why I support the initiative to triple the standard law author's royalty which criminals pay for each law they violate, because the longer we keep such criminals behind bars, especially now that bankruptcy is also a crime, the better for all of us. That's also why I support the new initiative to make all crimes related to discussing laws in private have a mandatory life sentence without parole. Mandatory lifetime imprisonment is good for the economy as it will help keep AIDS for spreading out of the prison system and will keep felons like those so called fair users from competing with honest royalty paying Americans for an inexplicably ever shrinking number of jobs.

Building more prisons... [Aside to aid who just walked up and whispered in the president's ear: What's that? She's been arrested for what again? Well get her off again, dammit. I don't care how it looks; MicroSlaw owes me big time.]

Sorry about that distraction, ladies and gentlemen. Now, as I was saying, building more prisons is good for the economy. It's good for the GNP. It's good for rural areas. Everyone who matters wins when we increase the prison population. People who share are thieves plain and simple, just like people who take a bathroom break without pausing their television feed and thus miss some commercials are thieves. Such people break the fundamental social compact between advertisers and consumers which all young children are made to sign. And let me take this opportunity to underscore my administration's strong record on being tough on crime. MicroSlaw's system for efficient production of digitized legal evidence on demand is a key part of that success. So is the recent initiative of having a camera in every living room to catch and imprison those not paying attention when advertising is on television, say by making love or even talking. Why without such initiatives, economic analysts at MicroSlaw assure me that the GNP would have decreased much more than it has already. Always remember that ditty you learned in kindergarten, Only criminals want privacy, because a need for privacy means you have something evil to hide.

[Inaudible shouted question] Monopolies? Look, nothing is wrong with being a monopoly. It's our favorite game, isn't it? Sure, we might slap somebody on the wrist now and then [winks] but everyone in America aspires to be a monopolist, so why not just have more of them? Why not let every creative lawyer be their own little monopolist permanently on some small piece of the law. It's the American way; it's the will of the people.

Look, these questions are getting annoying. The next person who asks a question will have their universal digital passport suspended immediately via video face recognition! [Hush from crowd.] Or at least, someone who looks like you will! [General relieved laughter.]

Here is the bottom line. If all law was not proprietary, lawmaking corporations like MicroSlaw wouldn't be able to make as much money as they do the way they are currently doing it. So the economy would further collapse, plunging the U.S. into an even worse recession than the one we are in now, which, as experts have shown, is the legacy of all the illegal software and media copying in the late 1990s. Look, we've already cut all nonessential government programs like Head Start, monitoring water quality, researching alternate energy, and improving public health. Free law would mean a further reduction of tax revenues and we would have to make tough choices about reducing spending on essential things like developing better weapons of mass destruction, imprisoning marijuana users, propping up oppressive regimes, and promoting unfunded mandates like higher school testing standards. I assure you, these priorities will never change as long as I am president, and I will always make sure we have money for such essential government functions, whatever that takes. So I urge you to never support the creation of free law, which might undermine such basic government operations ensuring your security, and further, to turn in anyone found advocating such.

By the way, I am proud to announce government homeland security troops are successfully retaking Vermont even as we speak. Troops will soon be enforcing federal school standards there with all necessary force. Their number one priority will be improving the curriculum to help kids understand why sharing is morally wrong. Too bad we had to nuke Burlington before they would see the light, har, har, [weak audience laughter] but you can see how messed up their education system must have been to force us to have to do that. And have no fear, any state that threatens the American way of life in a similar fashion will be dealt with in a similar way. I give you my word as an American and as your president sworn to uphold your freedom to live the American lifestyle we have all grown accustomed to recently, and MicroSlaw's freedom to define what that lifestyle is to their own profit.

So, in conclusion, a body of legal knowledge free for all to review and discuss would be the death of the American dream. Remember, people who discuss law in private without paying royalties are pirates, not friends. Thus I encourage you all to report to MicroSlaw or your nearest homeland security office anyone talking about laws or sharing legal knowledge in other than an approved fashion and for a fee. Always remember that nursery school rhyme, there is money for you in turning in your friends too.

God Bless! This is a great country! [Wild audience applause.]

Addendum -- March 4, 2132 -- Freeweb article 2239091390298329372384 Archivists have just now recovered the above historic document from an antique hard disk platter (only 10 TB capacity!) recently discovered in the undersea exploration of a coastal city that before global warming had been called Washingtoon, D.C.. It is hard for a modern sentient to imagine what life must have been like in those dark times of the early 21st Century before the transition from a scarcity worldview to a universal material abundance worldview. It is unclear if that document was an actual presidential speech or was intended as satire, since most digital records from that time were lost, and the Burlington crater has historically been attributed to a Cold Fusion experiment gone wrong. In any case, this document gives an idea of what humans of that age had to endure until liberty prevailed.

Copyright 2002 Paul D. Fernhout Verbatim copying and distribution of this entire article is permitted in any medium, provided this notice is preserved.

License
Copyright 2002-2008 Paul D. Fernhout

Permission is granted to copy, distribute and/or modify this under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, with no Front-Cover Texts, and with no Back-Cover Texts.
http://en.wikipedia.org/wiki/Wikipedia:Text_of_the_GNU_Free_Documentation_License [wikipedia.org]

----

Still, some other stuff I have written about:
"License management tools: good, bad, or ugly?"
https://groups.google.com/forum/#!topic/gnu.misc.discuss/30tDY9VE92Y [google.com]

seriously though (0)

Anonymous Coward | about 6 months ago | (#45104293)

the strategy reminds me of the people that comment on a blog or news story and use a copyright notice as their sig.

You wouldn't... (4, Funny)

SJHillman (1966756) | about 6 months ago | (#45104295)

I wouldn't secure my personal data with the same thing that's apparently keeping me from downloading a car

Is he serious? (2)

stewsters (1406737) | about 6 months ago | (#45104297)

He thinks larger penalties would help deter shady organizations from harvesting data the user isn't even aware of.

The NSA is still going to harvest your data, laws clearly don't stop them. This will only be use as another point to increase the penalties for kids caught file-sharing, and they are already pretty extreme. $675,000 for 30 songs [npr.org], might as well be a drug dealer.

How about no? (2)

reiserifick (2616539) | about 6 months ago | (#45104327)

A technical solution to a moral/ethical problem is doomed to failure, as someone will always be able to work around the technical "solution". Stiff penalties for abusing personal information is actually a good idea, however.

Re:How about no? (1)

phantomfive (622387) | about 6 months ago | (#45104545)

A technical solution to a moral/ethical problem is doomed to failure,

I'm not sure this quote is being understood correctly. Locks work fairly well for keeping people out of my house, for example. They aren't 100% perfect, but you can absolutely increase the security levels to the point where it is more effort to steal the thing than the thing is worth.

anyone can kick your door in. I can pick it. (1)

raymorris (2726007) | about 6 months ago | (#45104819)

"Locks keep people out of my house". They don't keep bad guys out. Anyone can kick the door in. I can pick the lock, as can many other people. A lock is a REQUEST. a "do not disturb" sign.

How about much bigger locks, like a bank vault? Have you ever noticed that most banks keep their vault door a) open and b) well polished? Does that look like security, or security theatre? Notice that next to the thick steel door is a plaster wall.

It's fairly rare that you can increase security enough that something is more expensive to steal than it's worth. Sometimes, but rarely. What you CAN do is avoid being low-hanging fruit. If only I use encryption while everyone else uses plain text, I'm safer. I don't have to outrun the bear, so to speak. If everyone encrypts their data , the bag actors will download the hack tool to decrypt it.

Be fair to the bank. (0)

Anonymous Coward | about 6 months ago | (#45105091)

That plaster wall is covering up a poured concrete firewall about 10 inches thick. And the same goes for the ceiling and floor.

The door is open during the day to get air circulation into the vault. Especially the small ones that most bank branches have. They tend not to have ANY other opening but the door.

Re:anyone can kick your door in. I can pick it. (1)

phantomfive (622387) | about 6 months ago | (#45105299)

It's fairly rare that you can increase security enough that something is more expensive to steal than it's worth.

No, you are very wrong. In most cases it's easy. For example, in my house, the value of everything is less than $10k. If you can't think of a way to increase the cost of robbing my house to beyond $10k, you're naive.

kick in door, load electronics (1)

raymorris (2726007) | about 6 months ago | (#45105967)

I'd bet $100 I could simply kick in your door and walk out with your stuff.

You COULD spend $10,000 on a security system to protect your $10,000 worth of stuff. That would be stupid, though, wouldn't it.

Let's say you did spend $10,000 on security. In that case , a burglar would want to spend $4 on a ski mask and maybe $13 on a post driver to knock the door in. Then smash the door in an QUICKLY grab $3,000 worth of electronics etc. You spent $10,000, the bad guy spent $17 to defeat it (and didn't wait around for the security company to first call you, then call the cops.)

I used to work as a locksmith. Now I secure computer systems for a living. I've yet to see one I couldn't break with ease. There ARE some strong security measures you can take with a computer, just like there are quality locks. Quality locks won't stop a large crowbar and no amount of computer security will stop a root kit.

Re:kick in door, load electronics (1)

phantomfive (622387) | about 6 months ago | (#45106871)

You can win any argument if you change the argument.

what changed? (1)

raymorris (2726007) | about 6 months ago | (#45106885)

You said it's easy to secure your house such that it costs more than $10,000 to break in. I pointed out that no, it wouldn't cost more than $17 to break in. I can see why you might want to change your argument.

Re:what changed? (1)

phantomfive (622387) | about 6 months ago | (#45106889)

And you can't think of a way to secure my house such that it costs more than $10,000 to break in?

not anything reasonable, got something? (1)

raymorris (2726007) | about 6 months ago | (#45107035)

Can you? You could cover your $10,000 house with $100,000 of concrete. It'd no longer be your house, though, since you couldn't get inside. Not a bad way to handle high level nuclear waste, though.

You could set up a shotgun booby trap and you'd probably end up in prison or dead.

Armed guards 24 / 7? Two guards at $20 / hour is $50,000 / year to protect $10,000 of property, and STILL it only costs the bad guy a few bucks to shoot them.

It's normally going to cost the owner more to completely protect the property than it costs to break that protection, simply because it's easier to break things to build things. There's a law to that effect in quantum physics or something. It doesn't make sense to spend more protecting it than it's worth, therefore the cost to steal it won't be more than it's worth.

However, you CAN make it harder to steal your stuff than to steal the neighbor's stuff. You're not preventing the theft, just persuading the bad guy to steal from your neighbor.

I suppose in the naive view you could say that the death penalty for petty theft would make it more costly than it's worth. However, that's a naive calculation because it would have huge costs to the defender. When your son steals a candy bar he's dead, so that's not really an option.

Lastly, one could twist the question and bring in SPIRITUAL costs, saying that stealing, and getting away with it, costs the bad guy's soul. That might even be true, but it doesn't solve the question asked because you proposed that YOU can DO something to protect your house, not that spiritual laws already make it costly.

Re:not anything reasonable, got something? (1)

phantomfive (622387) | about 6 months ago | (#45107085)

Well, you thought of some ways, thereby proving you are not a complete idiot. Good job.

You are however, irredeemably argumentative. Too bad.

so in other words "no", you have nothing? open sou (1)

raymorris (2726007) | about 6 months ago | (#45108065)

So in other words, no you have no reasonable way to prevent someone from breaking into your house, or even making it difficult to do so. You could just admit you were wrong instead of acting more and more of an asshole with each post.

Your interesting signature references beautiful open source code. Do you know how we get beautiful open source code? I post something on my github, Tim points out how it could be improved. I make those improvements, "admittingx" that my original code had flaws. Then Mary comes along and points out more imperfections. I admit it still wasn't perfect and make the changes. Then it goes to the integrators for a repeat. That's how we end up with beautiful code, by admitting that our first thought wasn't quite right. Hell even Microsoft admits they were wrong with Windows 8. Are you as intellectually honest as Microsoft?

I am curious about your sig. What do you have going there? Tim Hunt produces some code that's beautiful in it's perfection, but you may be looking for beauty in terms of being concise and as simple as possible. There's an implementation of strcpy that's beautiful in that way, something along the lines of:

while (dest++ = src++);

Re:so in other words "no", you have nothing? open (1)

phantomfive (622387) | about 6 months ago | (#45109435)

So in other words, no you have no reasonable way to prevent someone from breaking into your house, or even making it difficult to do so. You could just admit you were wrong instead of acting more and more of an asshole with each post.

A lock on the front door works well enough for my own purposes. What I have seen in a case where a church kept having their televisions stolen by gang members, they got a steal door for the storage room and lined the entire inside of the room with a cage made of rebar. BTW I didn't say the security measures had to cost less than $10k, that's probably where you got confused.

Your interesting signature references beautiful open source code. Do you know how we get beautiful open source code? I post something on my github, Tim points out how it could be improved. I make those improvements, "admittingx" that my original code had flaws. Then Mary comes along and points out more imperfections. I admit it still wasn't perfect and make the changes. Then it goes to the integrators for a repeat. That's how we end up with beautiful code, by admitting that our first thought wasn't quite right. Hell even Microsoft admits they were wrong with Windows 8. Are you as intellectually honest as Microsoft?

Go ahead, check it out [github.com]

I am curious about your sig. What do you have going there? Tim Hunt produces some code that's beautiful in it's perfection, but you may be looking for beauty in terms of being concise and as simple as possible. There's an implementation of strcpy that's beautiful in that way, something along the lines of:

Generally looking for beauty in any way.....some code can be visually attractive but a nightmare to work on (like stuff at the IOCC), other code is not pretty to look at but incredibly flexible and easy to work with.......both are beautiful.

Re: what changed? (0)

Anonymous Coward | about 6 months ago | (#45107063)

No, and neither can I. Who the hell ever heard of a thief spending $10k to break into anything? Are you going to surround your house with landmines so the thief needs a sacrificial tank to get past them? There is NO reasonable, legal means of protecting a home from robbery that costs thousands of dollars to defeat, unless you're talking about 24 hour armed guards, and that gets pricey fast. But we started out talking about locks. Locks keep honest people honest. No door or lock is going to keep a thief out by itself, it can only work in combination with an alert police department and tough laws.

Re:anyone can kick your door in. I can pick it. (1)

ArbitraryName (3391191) | about 6 months ago | (#45105961)

"Locks keep people out of my house". They don't keep bad guys out. Anyone can kick the door in. I can pick the lock, as can many other people. A lock is a REQUEST. a "do not disturb" sign.

Of course locks keep people out. They keep out anyone who is less determined than the effort and risk circumventing the lock poses. Why do you think criminals walk through parking lots checking door handles for open doors? By your logic they would just start smashing windows.

How about much bigger locks, like a bank vault? Have you ever noticed that most banks keep their vault door a) open and b) well polished? Does that look like security, or security theatre? Notice that next to the thick steel door is a plaster wall.

If you think that bank vaults are big steel doors surrounded by plaster walls, you're a dumbass.

It's fairly rare that you can increase security enough that something is more expensive to steal than it's worth. Sometimes, but rarely. What you CAN do is avoid being low-hanging fruit.

Oh. You are a dumbass. "Low hanging fruit" is something that is less trouble/risk to steal than its worth. Physical security revolves entirely around the concept that you claim is "rare".

having watched someone check door handles (1)

raymorris (2726007) | about 6 months ago | (#45106833)

I watched a thief check door handles once, looking for low hanging fruit. As I said, as long as he found plenty unlocked, the locked ones were safer. When four in a row were locked, he smashed a window. Locks didn't keep him out, not when either a lots of people used them or he saw something he wanted.

That thief is currently serving time for murder for hire.

ps you're saying Ferrari with alarm low hanging (1)

raymorris (2726007) | about 6 months ago | (#45106867)

BTW, you can hook and book a Ferrari with an alarm. It's worth more than it takes to steal, so by your definition. it's. low hanging fruit. I don't think that. means what you think it means.

I think low hanging fruit is comparative - the bad Guy won't. break into my house of my neighbor leaves his door wide open. If we ALL lock our doors, the thief will get a crow bar.

Posted via crappy old phone that inserts extra periods.

Nice try (2)

sl4shd0rk (755837) | about 6 months ago | (#45104353)

This sounds like a company dying of a sucking chest wound. Any way to leverage a hated technology and force it onto people while collecting money from the RIAA/MPAA for it's implementation.

Re:Nice try (0)

Anonymous Coward | about 6 months ago | (#45104767)

Between licensing fess, patent buyouts then enforcement, and the company owning stock in some of the most powerful companies (not even related to software/hardware) this seems to be how they are making there money anymore.

I seriously question any claims MS has over where they are making there money ie, software sales.. MS has a BS in BS.. They have a government propaganda approach to every press release or announcement.

Next time the RIAA/MPAA bitch and moan over loss of revenue, I want to know how many millions the continue to throw at this anti-piracy nonsense, as well as buying off companies and org., like the W3C to force DRM on people.

Right... (4, Insightful)

fuzzyfuzzyfungus (1223518) | about 6 months ago | (#45104357)

Even if you thought that this was a good idea, how would you?

The foundation of DRM is building computers whose primary allegiance is to some entity other than their owners, with this allegiance enforced by technical means (and, in the most pure form, building computers that 'default-deny' all non-DRMed content in order to make cracked cleartext copies from subverted systems useless: the iDevice 'app' situation or the contemporary console space is probably the best example of this: both realize that the cat is out of the bag for music, and most of the way for movies; but unblessed application binaries are simply refused; so, while doing so is easy, obtaining 'cracked' apps is useless without a blessed signing key).

If the intended victim is end users, this works; because the root-of-control entity simply has to have financial and/or legal ties with the 'content owners' that are closer than its ties to end users.

If actually-powerful-and-influential data brokers/advertisers/spooks/etc. are the target, though, who, pray tell, is going to be the cryptographic root of control? Google? Uncle Sam? Microsoft? Don't be absurd.

Re:Right... (1)

phantomfive (622387) | about 6 months ago | (#45104553)

The allegiance would be to Microsoft. Microsoft would take the power from both users, and the content creators.

Much like Apple has done with their iPhone.

Re:Right... (1)

fuzzyfuzzyfungus (1223518) | about 6 months ago | (#45105629)

I find it hard to imagine that they weren't deliberately being dicks when they named their 'enterprise' DRM-for-documents-and-stuff system "Rights Management Services" and refer to it as 'RMS' throughout the documentation.

That aside, they probably are proposing themselves as the totally-neutral-and-disinterested seller of 'trusted' systems and software to absolutely everybody. Like good old Clipper; but private sector!

Re:Right... (-1)

Anonymous Coward | about 6 months ago | (#45104873)

Mod this up to +6 please. At least.

Even if you thought that this was a good idea, how would you?

The foundation of DRM is building computers whose primary allegiance is to some entity other than their owners, with this allegiance enforced by technical means (and, in the most pure form, building computers that 'default-deny' all non-DRMed content in order to make cracked cleartext copies from subverted systems useless: the iDevice 'app' situation or the contemporary console space is probably the best example of this: both realize that the cat is out of the bag for music, and most of the way for movies; but unblessed application binaries are simply refused; so, while doing so is easy, obtaining 'cracked' apps is useless without a blessed signing key).

If the intended victim is end users, this works; because the root-of-control entity simply has to have financial and/or legal ties with the 'content owners' that are closer than its ties to end users.

If actually-powerful-and-influential data brokers/advertisers/spooks/etc. are the target, though, who, pray tell, is going to be the cryptographic root of control? Google? Uncle Sam? Microsoft? Don't be absurd.

Lockdown is a feature (1)

tepples (727027) | about 6 months ago | (#45107593)

The foundation of DRM is building computers whose primary allegiance is to some entity other than their owners, with this allegiance enforced by technical means (and, in the most pure form, building computers that 'default-deny' all non-DRMed content in order to make cracked cleartext copies from subverted systems useless: the iDevice 'app' situation or the contemporary console space is probably the best example of this

In 1985, legit consumers saw this default-deny policy as a feature. They had been burned by a flood of poor quality releases on the Atari 2600, and not having to take a chance on a game that turns out to be absolute crap was a selling point for the then-new Nintendo Entertainment System. A gamer back then didn't want the hardware's allegiance to be to him because he lacked the time and money ($60 or more after adjusting for inflation) to buy each new game and vet it himself.

Re:Lockdown is a feature (1)

fuzzyfuzzyfungus (1223518) | about 6 months ago | (#45114137)

You don't really need 'default-deny' in the DRM sense to achieve that, just a simple, trademark-law-backed seal of approval (which, indeed, Nintendo had, and slapped on more than few totally shit titles, so long as the vendors thereof were participating in their licensing program... not unlike the notorious dogs for the Atari 2600 that were first-party releases, and thus would have cut like a neutrino through any default-deny policy built into the 2600...)

For any console in the pre-networking period (defined, for these purposes, as the 'pre-networking-being-something-that-was-normal-for-consoles', obviously computer interconnects across sites go back well before consoles existed), it's not like a game was going to jump out and do a drive-by install on you. You needed to hit the shelf and buy the thing for it to be a risk(if anything, the 10NES simply reduced reliability of unlicensed, and occasionally of licensed, games).

It wasn't really until computers with persistent state (which had something of a sneakernet virus problem) and eventually internet connections (which had and continue to have a raging malware problem) were 'default deny' as a technical policy actually provides the user with any gains not trivially provided by trademarks.

Re:Lockdown is a feature (1)

tepples (727027) | about 6 months ago | (#45114211)

Thanks for reminding me about certification marks [wikipedia.org]. Now I'll see how certain PlayStation fans who trot out the 1983-1984 console recession as an argument in favor of entry barriers react to this.

Uh, this is actually brilliant. (1)

crovira (10242) | about 6 months ago | (#45107765)

"some entity other than their owners" but what if YOU own and enforce it.

"Publish" all of your data to a backup drive, apply DRM to "secure it*" and issue take downs to any intruder (like the NSA) to force them to remove it or face litigation and hassles from the sheriff.

All you need to do is have a warning page/file at the lowest lever on the backup drive and then encrypt your backup.

*) "Secure it" can be as flimsy as the original DVD DRM. The point is to insure the protection of the law, however unwilling the law might be to provide it.

Re:Uh, this is actually brilliant. (1)

fuzzyfuzzyfungus (1223518) | about 6 months ago | (#45114153)

Unlike copyright (which creates an ownership right/control in the given work regardless of how it was obtained), DRM only makes attacking the DRMed system legally problematic. It provides no protection whatsoever if the same data are obtained by other channels, and is legally in the same (uncertain in the US, somewhere between 'leaky' and 'sunk' in the UK) boat as conventional personal data encryption for protecting media seized directly by the feds. In the UK, the RIPA allows them to compel you to disclose the key, in the US there seems to be some indecision as to whether the key is covered by the 5th amendment or not(and, if it is, whether forcing the suspect to unlock the encrypted volume upon request; but allowing them to keep the key secret, suffices to protect the 5th amendment interest in the key).

Completely idiotic... (5, Insightful)

evilviper (135110) | about 6 months ago | (#45104369)

In this case, the "DRM" in question a tiny bit of metadata saying "please don't do X with this".

Sure, your data is encrypted, but as with all DRM, you're giving out the decryption key along with it. It was always a stupid idea that can NEVER work.

If you want to see the end result of well-implemented DRM, see Blu-rays... Everybody can play and copy any Blu-ray disc they want, but somebody has to go through the small hassle to do so. If the official player programs weren't closed-source and heavily obfuscated, it wouldn't even take any effort at all. That is really why Microsoft likes to push DRM... It's a back-door way to eliminate open source software from consideration.

So the crux of his point is: âoeYou want to say that there are substantial legal penalties for anyone that defies the rules in the metadata. I would make it a felony to subvert those mechanisms.â

Without the laws in place to enforce that, DRM doesn't help you AT ALL. With the laws in place to restrict what can be done with your private information, YOU DON'T NEED THE DRM.

Re:Completely idiotic... (0)

Anonymous Coward | about 6 months ago | (#45108057)

Password protected files work somewhat better, or more convenient, storing things in the "cloud". (not that much secure either, but still safe against "pirates")

DRM is a deterrent, not protection. It's good for gigantic corporations that can sue you into oblivion if they can prove you broke that "protection". And it would work to some degree, because the protection for the "property" would come from intimidation.
For the individual user, for the small entrepreneurs it's a nice tool to harass the user and sure fire way to kill their own growth (unless they live in the Dilbert universe. Then again, most of those strips are based on reality ...)

Not generally, no. (1)

nine-times (778537) | about 6 months ago | (#45104371)

There may be some specific instance where I would consider using DRM, but mostly DRM stupidly prevents valid usage while failing to stop a persistent attacker. It's the nature of such things.

That is unless, of course, you're counting all encryption as "DRM". Encryption is useful. But the main reason Microsoft wants to push DRM for personal/business documents is that, by having their own proprietary DRM scheme, they create a stronger form of vendor lock-in. They can make it so that, if you want to read a standard text file, you *need* to be running Windows because the DRM is only supported on Windows. They might even be able to push you to the newest version of Windows/Office because you'll need Windows 10 and Office 2017 to open a generic text file encrypted with Microsoft DRM v3.

This is like asking... (1)

Shoten (260439) | about 6 months ago | (#45104387)

...if you'd use an armored division of WW2 era tanks to defend your home.

DRM doesn't work very well...in those few situations where it does work, it's an enclosed environment with a massive investment in identity management. The real key to making DRM work is being able to assert who people are...otherwise you can't tell people apart, and thus can't differentiate between who should and should not be allowed to see the content. So it's infeasible for "personal" use, off the bat; if you don't control the environment pretty much entirely (like a company with heavy IP content...one situation where DRM does work, for internal use only) then it's a losing proposition. But at the same time, using DRM to try and foil surveillance? Really? That's idiotic. DRM is not much else more than encryption with a front-end for selective decryption based on identity. It's clear enough that trying to beat the NSA at the crypto game is a tall, tall order, and probably not something which gets any easier if you make it more complex by doing it under the guise of DRM.

Great! (1)

Anonymous Coward | about 6 months ago | (#45104397)

Now all I need is a team of lawyers!

DRM "proved ineffective and widely unpopular" (1)

sehlat (180760) | about 6 months ago | (#45104441)

I'm sure it will prove equally so for three-letter-agencies and other government entities.

an irony: Foxy's Henhouse, vacancies available (1)

themushroom (197365) | about 6 months ago | (#45104469)

Mundie also thinks it should be a felony to misuse that data. He thinks larger penalties would help deter shady organizations from harvesting data the user isn't even aware of.

Curious how the data collectors and abusers that we're so concerned about lately are parts of the government, thus mostly immune to their nefarious work being controlled or prosecuted. As the saying goes, "it's okay if I do it but not if YOU do it."

Felony has lost its meaning (1)

Anonymous Coward | about 6 months ago | (#45104489)

Felony used to be limited to the most serious of crimes. Now we permanently cripple their ability to survive over such petty issues as copyright infringement.

2 major issues with this proposal (1)

vikingpower (768921) | about 6 months ago | (#45104585)

#1) "felony" is US-centric. The MS guy obviously ( still ) thinks the entire internet is governed by US laws. Prolly a balding 60-year old who has lost touch with reality, and especially with where, nowadays, innovation is coming from. #2) I can not recall having ever seen a good idea originating within Microsoft. Nor can I recall having seen any good idea that took the internet by storm fathered or mothered by Microsoft.

My Personal Data already has DRM.... (0)

Anonymous Coward | about 6 months ago | (#45104601)

It's called a Username and Password... Firewalls, etc...

Sure it's easy to get around, but so is most DRM...

This whole premise is bullshit. (0)

Anonymous Coward | about 6 months ago | (#45104705)

A for-profit company like Microsoft has NO business
trying to dictate which methods are used to secure
user data.

Nor does Mundie have any business suggesting that
laws are enacted. That is the province of the people and the
legislators they choose to elect, and all corporations should
keep their goddamned noses out of the law making business because
the possibility of conflict of interest is so very strong.

Bottom line : could anyone but a fool trust Microsoft with ANYTHING ?
I submit the answer to this is no. Why doesn't Mundie do something
fun like retire and quit trying to control stuff he has no business trying to
control. He could become a chef for Nathan M. if he can't think up any other
ideas.

Well, except that it's impossible... (1)

Just Some Guy (3352) | about 6 months ago | (#45104709)

What bugs the shit out of me is that people who should know better act as though DRM isn't impossible. Quick, describe a system to me in which I can give you my data but you can only process it in ways I approve of. That means that you can't copy-and-paste it, or even just take a film photo of the screen and scan that in. Seriously. Working copy protection cannot be implemented in this universe, perhaps short of every participating computer having a quantum component that stops working as soon as you observe it.

No, I wouldn't secure my personal data with Digital Restrictions Management. That's insane and can't possibly work. I'd secure my personal data with contracts that say "this is what you can do with it, and I'm going to sue you into oblivion if I find it on the Internet". That's the only known way of restricting how another party uses your information.

Re:Well, except that it's impossible... (1)

black3d (1648913) | about 6 months ago | (#45105689)

> perhaps short of every participating computer having a quantum component that stops working as soon as you observe it.
Shh.. don't give them any ideas. ;)

DRM circumvents privity of contract (1)

tepples (727027) | about 6 months ago | (#45107607)

or even just take a film photo of the screen

So long as drugstore photo departments continue to process film.

and scan that in

Scanning software and image editing software already have measures against use with images of currency.

I'd secure my personal data with contracts that say "this is what you can do with it, and I'm going to sue you into oblivion if I find it on the Internet".

Such a contract would apply only to parties to the contract, under the "privity of contract" doctrine. DRM lets a copyright owner use 17 USC 1201 and foreign counterparts to apply terms like these even to people who haven't signed the contract.

So..encryption? (1)

king neckbeard (1801738) | about 6 months ago | (#45104715)

Encryption sounds like what he wants, most likely the public-private key type. It has the flaw of being uncontrollable once it's reached the recipient, and his solution proposes to solve it, but that's not how data works, so they are going to be equally efficient.

Fail on a stick (0)

Anonymous Coward | about 6 months ago | (#45104793)

This guy certainly isn't the first one to propose this. But he's from redmond. The company that bought up uprove then sat on it because it was too hard (they're secretly barbie). There are parallels with them buying up danger, then fucking it up beyond repair, and trying again with buying up nokia. They're like Uwe Boll: They touch it and it turns to poo.

How does uprove relate to this idea? It allows you to prove things without actually giving up the data to do it ("zero-knowledge proofs"). Adding DRM to your private data is good and well, but not needing to hand it over in the first place is better. And they've been sitting on this for a few years, with no clue what to do with it. So this guy... just fscked up again.

The consequence is obvious, and mr. Mundie needs to take action now. Dig up uprove. Open it up. Free it up. Give it to the world. We need stuff like uprove, and we do not need you sitting on it, doing nothing.

Snake Oil (0)

Anonymous Coward | about 6 months ago | (#45104853)

My Snake Oil cures baldness and arthritis. Oh, it made your arthritis worse? Well, it still cures baldness.

All DRM has ever accomplished, was to "lubricate" alternative paths which work better, and of course, it always did that exactly for the very people who were the most willing to comply with whatever purpose the DRM was intended to serve.

So for media, for example, it causes piracy at the expense of sales: people who were happy to pay for the product, switched to piracy in order to fix the DRM problems. Pure loss with no mitigating gain.

For "personal info" it'll just cause caching, secondary databases, etc: additional proliferation of the very info you don't want further spread. The people who will do this, are the same people who you probably could have trusted with the info in the first place. And the people you don't trust? They're the ones who will use the secondary databases that you made the people-you-trust create, thanks to your DRM.

DRM: always a loser.

Unsound mind! (1)

eyenot (102141) | about 6 months ago | (#45105009)

Whoever that guy is, he should be laughed down by the serious IT and security world for his stupid "input".

If your security solution requires that you pass a law making it illegal to break your security, then it's not a solution.

Re:Unsound mind! (1)

gatfirls (1315141) | about 6 months ago | (#45105089)

"If your security solution requires that you pass a law making it illegal to break your security, then it's not a solution."

I love that quote. Pretty much sums up the entire argument when it comes to DRM.

Re:Unsound mind! (1)

lgw (121541) | about 6 months ago | (#45105251)

No, that's just not true. Any fool with a "bump key" can unlock my front door. The lock doesn't keep people out - the law does. The lock just makes it quite clear that a specific act breaks the law. Does that prevent all burglary? No, of course not. But it prevents a lot.

I'm not sure how that metaphor extends to DRM protecting my personal info, but I could see making it clear to individual employees of companies that have my data that "if you do X with this data, you're committing a crime", and that would help a lot. Few people would commit a felony for the benefit of their employer. But I don't see how that would actually be implemented.

Re:Unsound mind! (1)

eyenot (102141) | about 6 months ago | (#45220761)

You entire argument rests on the assumption that your bump key for your front door is secure.

Answer? Obviously, it isn't! All you are saying, here, is that you have PURCHASED an insecure system in lieur of a security system, that you know fully well its weaknesses and that it can (basically, let's admit it -- WILL) be defeated by easy to replicate means, and that your only HOPE is that law enforcement will discourage your predators.

I expect better debate than this out of Slashdot. Please don't respond if you aren't going to win the debate with your next words. Thanks but no thanks.

DRM for music wasn't "massively" unpopular.... (1)

Karlt1 (231423) | about 6 months ago | (#45105079)

except with the record companies.

The true history is that the labels forced DRM on Apple and over time, Apple's DRM along with the popularity of iPods and iTunes gave Apple negotiating leverage over the record companies since it sold 70% + of the digital music and no one else could sell DRM protected music for the iPod.

When they asked Apple to license their DRM, Steve Jobs said no and told them if they wanted interoperability with iTunes and iPods with other vendors let everyone sell DRM free music,

http://www.apple.com/ca/hotnews/thoughtsonmusic/ [apple.com]

Most people back then didn't care about DRM as long as they could play their music on iPods and burn their music to CDs,

Snowdenizing (0)

Anonymous Coward | about 6 months ago | (#45105111)

So, personal data should be encrypted to keep companies from abusing it.

1. DRM requires giving the key to the client. Difficulty: Companies that can't be trusted with the data can't be trusted with the keys.

2. Solution: Have the NSA run and own the data store. Since they can break the keys anyways, we can save money on cryptography research by just giving it to them.

Wut? (1)

HeckRuler (1369601) | about 6 months ago | (#45105183)

Would You Secure Personal Data With DRM Tools?

Well, sort of, I guess. But it's called ENCRYPTION. And the only one with the rights to that material is me.
DRM traditionally let's other people sorta kinda maybe see the material. And is bound to fail.

Felony charges? Sure, for companies! (1)

jd659 (2730387) | about 6 months ago | (#45105289)

When Microsoft and other companies try to fight copyright infringement, they essentially made the law that "making the product available" constitutes the infringement. It doesn't matter if anyone has actually downloaded the copyrighted material or used it in any way that might be illegal, the fact that the product was "made available" is a violation of the law and implies under hefty statutory damages without the owner needing to prove any damages. The corporations were successful at crafting the law that punishes such the behavior of sharing and essentially makes an individual who shares go bankrupt.

How would the same principle of overzealous punishing for "making available" work in the proposed case of personal data and DRM? Actually very simply. Only in this case the health care provider is the one who potentially "makes available" the personal data. Just as it doesn't matter whether the downloaded copyrighted material has ever been played/installed/used, the fact that it was made available is punishable. With personal data, once anyone's data is "made available" it would be irrelevant if it was used or misused, the mere fact of making it available should be punishable. And I don't mean a small fine. I mean jail time for those who approved the decision, the architecture, or made errors in code. As it is difficult to impose the same severity punishment that individuals face for sharing onto a corporation, it should be either a corporation to go bankrupt or responsible people going to jail. What will happen if such law gets passed? Since many executives will not like to end up in jail for proposing a stupid solution, the silly ideas will die out. So, if some provider decides to implement Microsoft's solution with DRM and an error in Microsoft DRM causes the data to be leaked, the Microsoft executives would face felony charges for not providing the appropriate safeguards and making the data available. Yes, I mean, you, Craig Mundie would become a felon! I completely support such a reciprocal implementation of the law.

DRM has always had incorrect design (0)

Anonymous Coward | about 6 months ago | (#45105585)

Would You Secure Personal Data With DRM Tools?

Of course not.

All DRM (so far) has used this approach: "give them the lock and the key, and try to obscure the key enough so that they don't figure out where the key is".

All DRM implementations (so far) have been a complete misapplication of encryption technology.

With this 100% track record of incorrect design, I could not possibly trust any technology that someone labels as "DRM".

Beat them at their own game (1)

thegarbz (1787294) | about 6 months ago | (#45105609)

We don't need DRM to protect personal data. All we need is for companies to be fined for $millions every time they let 15 parts of our personal information file get passed on to a 3rd party.

The problem would solve itself fairly quickly that way. It may not have worked for them but there's a key difference. I am one of billions being chased by a few. They are few being chased by millions.

Shame the end result currently is a class action, a rich lawyer, and a voucher for a 10% discount next time we hand our personal info over.

DRM = encrypted for Microsoft software (1)

andrew3 (2250992) | about 6 months ago | (#45105895)

Let's not forget what DRM actually is. DRM-encrypted files are encrypted so that, at least in theory, only one program can read it. That program can arbitrarily impose restrictions on the user. How does that protect the user at all? From themselves and from their friends?

Encryption is a good way of protecting your privacy. Encrypting for Microsoft is a good way of losing control of your data.

Failure (1)

manu0601 (2221348) | about 6 months ago | (#45106375)

We defeated DRM for years, and we would want to protect us? That is nonsense.

And legal DRM protections will not help. NSA will find a way around it, and megacorporations will rely on offshore societies subjected to different juridiction to do the dirty job.

You Want Encryption, Not DRM (1)

CodeBuster (516420) | about 6 months ago | (#45107469)

While it's true that (poor) encryption is often used in DRM schemes, they aren't really the same thing. Encryption is designed to prevent third parties from observing your data without access to the decryption keys. This is an effective method of keeping secrets from adversaries even on systems that you don't know about and don't control. Contrast this with DRM which has the neigh impossible task of preventing devices, not in the custody or control of these "rights holders", from making copies of or format shifting data while still showing it to the end users in unencrypted form and keeping the decryption keys secret. Nobody who understands these matters believes that DRM is effective or can be made so, the very idea is asinine, but that doesn't seem to stop ignorant business people from trying.

Shady Organisations? (1)

Gonoff (88518) | about 6 months ago | (#45107663)

I suppose it depends on which ones you define as shady.

Along with most of the planet, I would describe every huge US, pseudo international, corporation as something that may well be shady. Every US TLA spook name I have ever heard of has shown itself to be shady at times. They all have what is called an "excessive sense of entitlement".

These groups will see it as their entitlement and their duty to ignore and breach any DRM used in this way. Using DRM like this would, however, rehabilitate it in the minds of a great many people.

I'm just not sure that it would even be allowed by those who feel they are our masters.

Why is this a bad idea? (0)

Anonymous Coward | about 6 months ago | (#45109969)

This is a bad idea because the DRM scheme will be assumed to be secure, when in reality it will likely be broken easily. If your personal data is then compromised, you will be assumed to be at fault because the DRM is secure, and you'll have to prove you are innocent. Good luck with that. This sort of thing puts all the burden on individuals to deal with huge nameless, faceless corporations and the government. That's a bad idea.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...