[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On Fri, 16 Nov 2007 00:31:28 +0000 "Michael Mortimore" <nospamformike@xxxxxxxxxxxxxx> wrote: > > You can actually provide DRM stuff using open source code without disclosing > > how to circumvent it 'at the source code' level. Think GPG keys etc. But like > > 'closed source' DRM its just not worth the effort. > surely the program needs to decode the content and if you can modify > the program (as would be the case with open source) you can send the > output anywhere you want. You can already modify the source of gnupg in any way you like but you won't be able to modify it such that you could decrypt a message encrypted with the standard program, without the secret key. DRM isn't that strong but the principle is similar. Any form of encryption that implements public and private keys means that the having the source of the program that created the keys is not enough to crack keys created by the standard program. The problem with DRM is that the secret key (if any) has to be copied to masses of devices which makes it less-than-secret. Like any encryption, once the secret is known, the encryption is useless (e.g. DVDs). Without the ability to recreate a new secret key and push it to wherever decryption needs to occur, the entire mechanism is useless. The only reason that gnupg continues to work is that a new secret key can be generated - anything made with the old key cannot be protected. I encrypt very little nowadays, gnupg is far more useful to prove that it is really me, via digital signatures. -- Neil Williams ============= http://www.data-freedom.org/ http://www.nosoftwarepatents.com/ http://www.linux.codehelp.co.uk/
Attachment:
pgpVEoDEZP8ho.pgp
Description: PGP signature
-- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html