Bitfrost: the OLPC security model

Posted Feb 8, 2007 20:50 UTC (Thu) by drag (subscriber, #31333)
In reply to: Bitfrost: the OLPC security model by bronson
Parent article: Bitfrost: the OLPC security model

And they wouldn't care either. Most people who own TiVOs don't care, and if I owned a TiVO I probably wouldn't care much either.

As long as they make the 'developer keys' (or equivalent) available to end users then that's all that matters. If they make significant barriers to this then that could be construed as a violation, but it's not like they have to make it easy for you either.

I'd say it would be reasonable to require you to call Tivo and provide some sort of proof (say a UUID number on the bottom of the case) that the device belongs to you and then they'll mail you a key on a cdrom or whatever for 5 bucks or whatever is reasonable to cover their costs.

There is no reason why they would have to provide keys to all Tivos, just the ones you own.

And the reason I originally said it's not 'DRM' is because DRM is designed to restrict a person's rights in regards to copyrighted material. If this is DRM, then setting file permissions on your home folder is DRM also. Implementing filesystem encryption is DRM also, then.

If you want to make the definition so broad as to encompass everything then I suppose you can call any sort of security measure DRM if you want to.


Bitfrost: the OLPC security model

Posted Feb 8, 2007 23:04 UTC (Thu) by bronson (subscriber, #4806)

> And the reason I originally said it's not 'DRM' is because DRM is designed to restrict a person's rights in regards to copyrighted material.

Exactly like the OLPC BIOS.

> If this is DRM, then setting file permissions on your home folder is DRM also. Implementing filesystem encryption is DRM also, then.

Neither of those scenarios involve an upstream party using private keys (or other technology) to inhibit your enjoyment of a product that you rightfully own. I don't see how they could be considered DRM.

Bitfrost: the OLPC security model

Posted Feb 9, 2007 7:22 UTC (Fri) by man_ls (subscriber, #15091)

> Exactly like the OLPC BIOS.

Not really. The OLPC doesn't prevent access to copyrighted material; it shuts down the machine and turns it into a brick. Not even close.

> Neither of those scenarios involve an upstream party using private keys (or other technology) to inhibit your enjoyment of a product that you rightfully own. I don't see how they could be considered DRM.

I don't see how you can call Bitfrost "DRM" when there is no copyrighted material and no digital "rights" to manage. DRM is not "using private keys to inhibit enjoyment of products", it involves limiting access to certain files. Drag's example (setting permissions on a directory) is actually closer to DRM than OLPC's Bitfrost, IMHO.

Bitfrost: the OLPC security model

Posted Feb 10, 2007 8:01 UTC (Sat) by bronson (subscriber, #4806)

DRM can be used with anything, not just copyrighted content (according to http://www.defectivebydesign.org/en/about anyway). When the OLPC turns into a brick, isn't that awfully similar to a DVD refusing to decrypt its content or a Vista computer refusing to run an executable? Sure seems it to me.

And both DRM and Bitfrost are very dissimilar to chmod a-rw ~/. Directory permissions don't involve a 3rd party; DRM and Bitfrost do. chmod a+rw ~/* undoes the damage; DRM and Bitfrost don't have any such exit, etc. Shall I continue?

I guess we'll just have to agree to disagree on this one.

DRM vs TM

Posted Feb 10, 2007 10:21 UTC (Sat) by man_ls (subscriber, #15091)

As the linked page takes pains to explain, DRM can be based (on computers) upon "Trusted Computing", which Stallman mimics as "Treacherous Computing". You are saying that DRM can be used for anything (and is indeed used on the OLPC), when in fact it is TM that you are speaking about. It seems like a pedantic point, but it is important for the discussion not to mix these concepts IMHO.

TM can be a chip used by the kernel with cryptographic keys under the control of the owner, in which case it can be a good thing. The keys can also be under the control of a third party, which is a disaster. In the case of the OLPC it can turn into a brick. As it is a government-sponsored program anyway, I guess they have thought about it: if it gets disabled by mistake, you can always take it to a hypothetic repair service. I personally don't like the idea, and think it is a weak point in the whole scheme, but inexplicably nobody asked me before implementing it ;)

DRM, as one of its main peddlers has just said, is always a bad idea. Notice that, in the case of a DVD player you don't even need TM, as it is a closed platform anyway; in this case the device can simply have its keys revoked and it will refuse to play protected content, which is different than turning into a brick. When it is a computer in disguise you need complicated schemes such as TM to make the device obey its true master, the manufacturer.

DRM vs TM

Posted Feb 10, 2007 20:03 UTC (Sat) by bronson (subscriber, #4806)

TC is now such a broad concept that it's nearly useless. The Wikipedia page does make it sound like both Bitfrost and directory permissions would fall under the TC umbrella. But so would AppArmor. And hardware virtualization extensions. That doesn't mean they have anything in common with each other.

We can at least agree that FairPlay, CSS, and Microsoft's incompatible flavor du jour are examples of DRM, yes? defectivebydesign says that Tivoization is a form of DRM. And Hasp HL claims to be DRM. Bitfrost's ultimate behavior is basically the same as these technologies and has only the most superficial resemblance to directory permissions. That's why I really don't think it's a stretch to consider it DRM.

Maybe you could point me to an authoritative definition of DRM? The definition at the top of the Wikipedia entry clearly includes Bitfrost but, alas, I'd hardly call it authoritative.

Perhaps the media is subverting the meaning of DRM like it did with hacker? At this point, though, I'm afraid the cat's pretty far out of the bag.

DRM vs TM

Posted Feb 10, 2007 20:27 UTC (Sat) by bronson (subscriber, #4806)

...*not a stretch* to call [Bitfrost] DRM. Gah.

DRM vs TM

Posted Feb 10, 2007 23:01 UTC (Sat) by man_ls (subscriber, #15091)

I would say that Trusted Computing is a well defined concept, or at least it was until vendors started marketing it. OTOH DRM was always snake oil, and still is today. Maybe that is why authoritative definitions are hard to find. Look at this one (in PDF):

> Digital Rights Management (DRM) is a system to protect high-value digital assets and control the distribution and usage of those digital assets.

It comes from an academic paper, but the "high value" part is not very objective: DRM can also be used for low-value garbage.

As to the examples you cite: Tivoization is a form of DRM only because it is used to protect digital content (digitized TV in this case). The article in Dr Dobb's Journal talks about protection of content and restriction of document distribution.

Even if the press and the general public misuse the term, that is IMHO no excuse for spreading bad usage. DRM protects content by whatever means, even if it's just a remotely controlled daemon setting directory permissions. After all, Adobe's protected PDFs rely on something like a bit set on a file.
