[Cryptography] Photojournalists & filmmakers want cameras to be encrypted
John Gilmore
gnu at toad.com
Sat Dec 17 15:30:18 EST 2016
> There is a reason it is called Secure Digital cards, more popularly known as SD cards. In order to support SD cards, the device has to support encrypted cards. This feature has literally been there for 17 years.
> The feature is so negatively desired that manufacturers have hide that the camera is even capable of it.
The reason people hate the "Secure" features of SD cards is that they
were designed to work AGAINST the owner of the SD card and the camera.
They provide DRM, not user security or user empowerment.
SD cards' crypto was CPRM, designed by Hollywood as a reaction to the
first MP3 players (which preceded the Apple iPod by some years). They
wanted a way to sell you music that you could not usefully copy, by
encrypting it on the card with a secret that was unique to the card.
Licensed music players would know how to handshake with the card's
crypto engine to play back the encrypted songs -- but ordinary "copy"
commands would copy the encrypted songs onto other media that didn't
have a crypto engine or onto an SD card that had different crypto
secrets -- so the copied songs would not be playable.
The music industry's attempts to sell DRM'd music failed in the
market, as consumers adopted MP3 players and converted existing music
recordings (e.g. from vinyl records and CDs) into MP3s. The closest
they came to succeeding was with the iPod, which became a runaway
success despite Apple only offering downloads of DRM'd music, locking
the player to a specific Mac computer, refusing to allow songs to be
read back from an iPod for sharing, etc. But to gain initial
acceptance, the iPod would play back MP3s, so users learned to share
their MP3s using non-Apple tools and then manually load their iPod
with MP3s. Eventually Apple convinced Hollywood to let them sell
users the unrestricted MP3s that users wanted to buy, and that was the
end of DRM for music. iPods had no removable media at all, and never
used SD cards.
SD cards and MMC cards were very close to identical, and their
standards tracked each other as they evolved, except for the extra
crypto engine in SD cards. But "SD" became the brand that every
consumer looked for, rather than MMC, for reasons I don't know. Due
to selling in higher volumes, they became cheaper than MMC cards.
See:
https://en.wikipedia.org/wiki/Secure_Digital
https://en.wikipedia.org/wiki/Content_Protection_for_Recordable_Media
> In order to support SD cards, the device has to support encrypted cards.
I don't believe that this is true. Many devices support SD cards but
do not interact with the encryption. The average USB SD card reader
is an example. And there's no such thing as an "encrypted card". All
SD cards support crypto. When encryption is used, individual file
contents are separately encrypted, while the filesystem metadata is in
the clear.
What modern devices actually interact with the crypto engine in SD cards?
John
More information about the cryptography
mailing list