Vulnerability Development mailing list archives

Re: hacksdmi?

From: "Bluefish (P.Magnusson)" <11a () GMX NET>
Date: Thu, 12 Oct 2000 01:49:59 +0200

Having a look at SDMI :)
http://www.sdmi.org/download/port_device_spec_part1.pdf

Page 33 shows that source code is not to be released of how the circuits
works (non-disclosure/non-use); they make a difference between source code
and HDL-source code and they don't understand the difference between VHDL
and Verilog. They acronym "Verilog Hardware Description Language" VHDL.

Page 31 outlines a number of buses which may not recieve content. Alas it
assumes you to buy new hardware. Due to clumpsy choices of words, it
actually does seem that you may not use PCI in a portable device ;-)

And have a look at paragraph 10.2.3.1, it seems software implementations
are recommended to run as root in order to avoid content hacking... or
*something*. Perhaps they didn't understand when I install operating
system X, I become the super user? Another excelent supposed messure is
encrypting your application..........

Additionally, page 28 have a picture of the supposed secure A->D device.

I thought the DVD consortium & DVD CCA was stupid because they managed to
make a number of really clumpsy misstakes, but at least they seemed to
have some clues of what they where doing. SDMI seems to be insanely
clueless of much, not only the technology they're supposed to develop ;)

Page 26 mentions that in june, 1999 was the last time to supply solutions
to the watermark/screening problem. Given the flawed files offered in the
contest, I suspect they realised that the researchers being sceptical
turned out right in the end ;-)

Anyone having time to look at other documents at http://www.sdmi.org, they
may find themselves a good joke or two there. Perhaps we're taking part in
some X-Files episodes? I can almost see Mulder explain the plot to Scully:

"The aliens are experimenting with the public! By creating more and more
organisations and companies runned by fools, they're trying to <insert
evil stuff here>"

..:::::::::::::::::::::::::::::::::::::::::::::::::..
     http://www.11a.nu || http://bluefish.11a.nu
    eleventh alliance development & security team

             http://www.eff.org/cafe

Current thread:

SDMI - The way I would make the water mark., (continued)
- - - SDMI - The way I would make the water mark. Richard Rager (Oct 13)
    - Re: SDMI - The way I would make the water mark. Robert Collins (Oct 13)
    - Re: SDMI - The way I would make the water mark. buggz (Oct 13)
    - Re: SDMI - The way I would make the water mark. Steve Mosher (Oct 13)
    - Re: SDMI - The way I would make the water mark. Ben Galehouse (Oct 14)
    - Re: SDMI - The way I would make the water mark. Bluefish (P.Magnusson) (Oct 14)
    - Re: hacksdmi? Ralph Moonen (Oct 13)
    - Re: hacksdmi? Masial (Oct 13)
    - Re: hacksdmi? spiff (Oct 14)
    - Message not available
    - Re: SDMI - The way I would make the water mark. Ralph Moonen (Oct 14)
- Re: hacksdmi? Bluefish (P.Magnusson) (Oct 11)
- Re: hacksdmi? Bluefish (P.Magnusson) (Oct 11)
  - Re: hacksdmi? Steve Mosher (Oct 12)
    - Re: hacksdmi? David Knaack (Oct 12)
    - Re: hacksdmi? Robert Johnson (Oct 13)
    - Re: hacksdmi? Robert A. Seace (Oct 13)
- Re: hacksdmi? Blue Boar (Oct 13)
  - Re: hacksdmi? Granquist, Lamont (Oct 14)
    - Re: hacksdmi? Ben Galehouse (Oct 15)
    - Re: hacksdmi? David Knaack (Oct 16)
- Re: hacksdmi? Jord Sonneveld (Oct 11)

(Thread continues...)