Re: Flame Linus to a crisp!

Tony 'Nicoya' Mantler (nicoya@apia.dhs.org)
Wed, 23 Apr 2003 23:53:29 -0500


In article <20030424041004$113a@gated-at.bofh.it>,
Linus Torvalds <torvalds@transmeta.com> wrote:

[...]
: I want to make it clear that DRM is perfectly ok with Linux!
[...]

Well ok then. I assume for DRM to be in the kernel it would have to somehow be
in a useful form, and to be in a useful form it would have to be secure. I think
everyone can agree it does no good to have completely useless code cluttering
the kernel.

I see two directions of signing, a bottom up (like media DRM) and a top down
(like X-Box or TCPA).

The latter should be very easy to implement securely and doesn't really qualify
as "DRM", but the former doesn't seem so simple.

If we assume the context of a standard PC, there would be nothing stopping a
user from replacing his signed DRM-compliant kernel with another unsigned kernel
which would put on a puppet show for the DRM app, pretending to be signed.

The kernel must invariably be considered untrusted client code - code which in
this case controls every aspect of the system that a DRM app could interact
with, allowing it 100% freedom to fool a DRM app into thinking it's operaing in
a secure environment, or on a different computer, or on the cold side of pluto.
There's nothing stopping it, especially with the source freely available.

Making DRM in linux sercure would be like winning a hand of poker against
someone who can change all the playing cards at will.

How would you, or anyone, intend to address this? (besides changing the
definition of a "standard desktop PC" to only include systems like X-Box which
refuse to run unsigned code, and can't be overridden by the user)

Unless this is just a very silly troll?

Cheers - Tony 'Nicoya' Mantler :)

-- 
Tony "Nicoya" Mantler - Renaissance Nerd Extraordinaire - nicoya@apia.dhs.org
Winnipeg, Manitoba, Canada           --           http://nicoya.feline.pp.se/
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/