Saturday, March 20, 2004
AN INEXHAUSTIBLE SUPPLY OF BUGS
Professor Edward Felten says:
"If true, this conclusion has profound implications for how we think about software security. It implies that once a version of a software product is shipped, there is nothing anybody can do to improve its security. Sure, we can (and should) apply software patches, but patching is just a treadmill and not a road to better security. No matter how many bugs we fix, the bad guys will find it just as easy to uncover new ones."
to me, this indicates that DRM/TPM systems, as security systems, will inevitably be flawed and therefore insecure. Insecure DRM will not be able to prevent content from being copied, and in the world-wide network will be disseminated rapidly between peers. in other words, we cannot rely on mere technical protection measures to maintain copyright law in whatever form. Of course, DRM basically destroys most fair-dealing uses and encloses the public domain, so the fact that it doesn't work very well is both a message to the content industry to not even try to use such systems, and also a reassurance to consumers, users and citizens that try as they may, shortsighted content distribution companies can't swim against the current of public opinion without drowning.
LINK:
http://www.freedom-to-tinker.com/archives/000548.html
Professor Edward Felten says:
"If true, this conclusion has profound implications for how we think about software security. It implies that once a version of a software product is shipped, there is nothing anybody can do to improve its security. Sure, we can (and should) apply software patches, but patching is just a treadmill and not a road to better security. No matter how many bugs we fix, the bad guys will find it just as easy to uncover new ones."
to me, this indicates that DRM/TPM systems, as security systems, will inevitably be flawed and therefore insecure. Insecure DRM will not be able to prevent content from being copied, and in the world-wide network will be disseminated rapidly between peers. in other words, we cannot rely on mere technical protection measures to maintain copyright law in whatever form. Of course, DRM basically destroys most fair-dealing uses and encloses the public domain, so the fact that it doesn't work very well is both a message to the content industry to not even try to use such systems, and also a reassurance to consumers, users and citizens that try as they may, shortsighted content distribution companies can't swim against the current of public opinion without drowning.
LINK:
http://www.freedom-to-tinker.com/archives/000548.html
