trade-offs of secure programming with Palladium (Re: Palladiu m: technical limits and implications)

Trei, Peter ptrei at rsasecurity.com
Thu Aug 15 13:53:56 EDT 2002


> Russell Nelson[SMTP:nelson at crynwr.com] writes:
> 
> You're wearing your programmer's hat when you say that.  But the
> problem isn't programming, but is instead economic.  Switch hats.  The
> changes that you list above may or may not offer some security
> advantages.  Who cares?  What really matters is whether they increase
> the cost of copying.  I say that the answer is no, for a very simple
> reason: breaking into your own computer is a "victimless" crime.
> 
> In a crime there are at least two parties: the victim and the
> perpetrator.  What makes the so-called victimless crime unique is that
> the victim is not present for the perpetration of the crime.  In such
> a crime, all of the perpetrators have reason to keep silent about the
> comission of the crime.  So it will be with people breaking into their
> own TCPA-protected computer and application.  Nobody with evidence of
> the crime is interested in reporting the crime, nor in stopping
> further crimes.
> 
[...]

Russ: 

Take off your economic hat, and try on a law-enforcement one.

With DMCA, etal, the tools to get around TCPA's taking of your
right to use your property as you please have been criminalized.
(Don't argue that TCPA will always be voluntary. I don't beleive 
that).

I have little patience with arguments which say 'Yeah, they can
make X against the law, but clever people like me can always
get around it, and won't get caught, so I don't care.'

Maybe you can, some of the time, but that's not the point. Most
people won't, either because it's too hard, they don't know what
they've lost, or because of a misplaced respect for the whims of 
The Men with Guns. This is not a Good Thing.

A freedom to skulk in the shadows, hoping not to be noticed, is not
the legacy I wish to leave behind.

Peter Trei






---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com



More information about the cryptography mailing list