Two questions

On Sun, 20 Sep 2015 18:39:49 -0400, Alan Browne
wrote:

On 2015-09-20 18:09, Eric Stevens wrote:
On Sun, 20 Sep 2015 10:07:08 -0400, Alan Browne
wrote:

On 2015-09-20 04:38, Eric Stevens wrote:
On Sun, 20 Sep 2015 17:02:38 +1200, Eric Stevens
wrote:

On Sun, 20 Sep 2015 00:28:48 -0400, nospam
wrote:

In article , Eric Stevens
wrote:

I can't imagine Apple building 4K machines which will not handle
vidity. In that case they are limited to whoever can provide Crypto
Management hardware.

who said anything about building 4k machines?

They already do. See https://support.apple.com/en-us/HT202856

just the other day you said you can't imagine they'll make a 4k machine
without vidity and now you point it out.

you're also confusing connecting a 4k display with playing protected
content. they are two different things.

No I'm not. I'm saying a 4K machine without Vidity capability will be
handicapped in the market.

also, a processor transition has nothing to do with any of that.

It's got to work in with Crypto Manager which is not just software but
hardware.

See the diagram on http://www.rambus.com/key-issuance-center/

Apple's DRM system has been doing a similar function for years so that a
users various devices can play paid-for content. That includes "owned"
content and "rented" content.

The only problem is such a system is open to side-channel attacks
[ see https://en.wikipedia.org/wiki/Side-channel_attack ] and hence
is not really secure.

The Crptomanager is implimented in dedicated hardware and is the
current state of the art. In creating Vidity the entertainment
industry seems to have gone all-out to build the most resistant system
they could. Every transaction will need it's own unique key. That
appears to include copying from a server disk. All of this, of course,
transparent to the end user.

Apple's DRM requires unique keys for each instance of distribution.
Please find me evidence of a successful attack on Apple's DRM model.

If Apple do adopt Vividity and that requires hardware based crypto to do
so, then I don't think they'd have much trouble with it - Apple have
been doing that as well (esp. in devices with Secure Enclave).

I hadn't intended to continue with this but I have just been directed
to
http://www.investorvillage.com/smbd....g&mid=15326500
which led me to
https://edwardsnowden.com/2015/03/10...-a4-processor/
or http://tinyurl.com/pr4jzue and
http://www.macworld.com/article/2895...e-devices.html
or http://tinyurl.com/ow84594

See also "Based on Apple documents I have seen, when Apple introduced
Apple Pay they largely execute that financial transaction using an
external NXP chip which has an embedded secure element. Given that NXP
has licensed Rambus’s DPA countermeasures, it would appear NXP secure
elements are protected from DPA hacking."


I know you don't think much of Apple but they have more DRM and crypto
nous than Rambus and the entire collection of companies that are members
of the Vividity consortium put together.

I don't know where you get the idea that I don't think much of Apple.
It may be that you are confusing this with my annoyance at people who
think nothing should even be said which suggests Apple is not without
flaw.

Just your implication that

a. Apple "would have to" adopt Vividity. (They don't)

b. that if they did it would be an issue. (It wouldn't).


You should reserve your judgement about the relative cryptographic
competence of Apple and Rambus until you find out a little more about
Cryptography Research (a division of Rambus). See
https://en.wikipedia.org/wiki/Cryptography_Research
http://www.rambus.com/security/
http://www.rambus.com/security/cryptomanager-platform/

You should ask the NSA what they think of Apple cryptography. They hate it.
--

Regards,

Eric Stevens

In article , PeterN
wrote:

I hadn't heard of this until you mentioned it. While there are no
doubt some children in China assembling phones for 17 cents perhour
(and what else might they be doing without that?) the overall quality
of iPhones suggests there is a lot of automated assembly in their
construction.

the same factories make just about every piece of electronics and apple
has done more than any other company to improve the situation.

but why let facts get in the way.

In some cultures everybody is a cannibal, does that make it OK?
Since you don't understand subtlety, I will rephrase: Just because
"everybody" does something, doesn't make it right.

whoosh.

In article , Tony Cooper
wrote:

So no failure on Apple's part in choosing and using those suppliers?
In taking advantage of the lax enforcement?

What Apple is doing is what so many other companies are doing, but
since when is doing what other people are doing an excuse for doing
it?

since when is it acceptable to bash only one company, who has done the
most to make the situation better, while the other companies do little
to nothing at all?

Apple is not on the high ground here, just as Sorkin said.

nonsense.

sorkin is doing it solely for publicity because his movie hits theaters
in a couple of weeks.

in other words, the *other* companies are taking advantage of the lax
enforcement, while apple takes the heat despite trying to fix it.

*that's* why tim criticized sorkin.

No, Apple takes advantage of the lax enforcement and does little to
fix it. Lip service. Just like the other companies.

bull****.

apple has done quite a bit to improve the situation.

In article , Tony Cooper
wrote:

I don't want to be accused of being an Apple basher, so I won't link
to it, but the very recent catfight between Aaron Sorkin and Tim Cook
didn't go well for Tim.

Noise. Cook doesn't like how someone has portrayed his deceased friend
and says so. Sorkin then pulls a classic deflection accusing Apple of
child labour in China as a retort.

(And yes, Apple knows some suppliers have underage workers and continues
to audit and force change despite this being a failure of the Chinese
government to enforce the law.)

Sorkin's just doing his job to attract attention to his movie.

I dunno about "deflection". Cook called the film "opportunistic", and
Sorkin rightly called Cook on claiming that a movie is opportunistic
when Apple's business plan is as opportunistic as it comes.

how is that different from every other company?

Nothing. Does that make it acceptable?

what's unacceptable is bashing only one company when other companies do
the same thing, especially when the company being singled out is doing
stuff to improve the situation while others are not.

it's classic apple bashing.

hint: it isn't.

I already said that. I don't need your macro or your Pavlovian
response to know that.

only after i pointed it out.

sorkin is doing nothing more than stirring the pot to get some
publicity for his film.

Cook was the first to stir the pot. Sorkin replied.

cook was correct.

sorkin is an opportunist who is capitalizing on steve jobs' death, as
did the creators of the other steve jobs movies and books.

sorkin replied because he wants to get some publicity for the movie
because it's coming out in a couple of weeks.

At least Sorkin has seen an Apple product. Cook admits he's never
seen the film that he criticized.

the reality is that a lot of people are cashing in on steve job's death
with movies and books that are anywhere from somewhat accurate to
mostly fiction which is why tim said what he said.

Confidante of yours, is he?

unlike you, i know quite a bit of the history of those involved.

a lot of it is fiction, which might make for a more entertaining movie
but it's nevertheless fiction.

In article , Alan Browne
wrote:

That said, at David's 64 GB / day it comes to 47 years for a 250 GB
drive - but only IF the software is redesigned to avoid multiple
re-writes into blocks in the same session. (Buffering, ram disks, etc.)

the ssd controller takes care of wear leveling.

I was referring to how the SSD may (or not) take care of short writes
from a program.

For example, if I open a file and write 100 bytes to it and close the
file then there is no certainty as to when the OS posts it. If it posts
it immediately, then the SSD firmware would open a block (say 4K) read
that, modify the 100 bytes and write the 4K in a different 4K block area
(leveling) resulting in wear far beyond the 100 bytes written.

(I'm leaving out all the file management stuff the OS is doing as well
for simplicity).

I don't know if the SSD and the OS communicate to a degree to manage
such scenarios. So if David's s/w is writing a lot of small files
before doing a higher level processing run, then the wear would be much
higher.

That is why, if one were to do such, one would be best to take the
smaller data sets and manage them (corral them) into agglomerations in
order to avoid writing small amounts of data to the SSD. This is not
trivial, but nor is it all that difficult to manage.

that's a valid point, but even ignoring that, he's not going to wear
out the ssd before something *else* fails first, or that the computer
is just old enough to warrant something newer.

in other words, the ssd will be replaced before it's dead.

and another thing he's not mentioning is that a hard drive would not
fare as well as an ssd.

On Sat, 26 Sep 2015 10:40:37 -0400, nospam
wrote:

In article , Eric Stevens
wrote:

I had intended to let this discussion die on it's feet but I have
found a number of relavant web sites.

First, there is
http://www.rambus.com/security/dpa-c...esistant-core/

"The DPA Resistant AES Core is a high-security AES primitive that
offers chipmakers an easy-to-integrate security solution with
built-in side-channel resistance for cryptographic functions across
a wide range of devices."

This is a device which clearly is intended to be built in to someone
else's silicon. It's not an external add-on.

that does't say it will be part of the *processor*.

anyway, you have to answer if windows pcs will adopt it. if they don't,
what will windows pcs do without the ability to play movies? or is
apple the only one who will supposedly be left out?

As I keep saying, we will have to wait and see.

in other words you have no idea.

Is that the sound of a penny dropping?
--

Regards,

Eric Stevens

On Sat, 26 Sep 2015 10:30:43 -0400, Alan Browne
wrote:

On 2015-09-24 23:35, Eric Stevens wrote:
On Thu, 24 Sep 2015 18:53:49 -0400, Alan Browne
wrote:

On 2015-09-24 18:17, Eric Stevens wrote:

Vidity won't run on a chipset which doesn't incorporate the
CryptoManager core.

To run Vidity, they have to have a chipset which incorporates the
CryptoManager core. As I understand it, the CryptoManager core is an
integral part of the particular chipset.

As nospam says, "so what?". The adoption of Vidity's crypto module
should be host processor agnostic.

One of it's tasks is to deal with information leakage which definitely
is hardware specific.

What part of "so what?" don't you get.

There is nothing about all this that can't be controlled by a host
processor that doesn't see the data stream at all (or only while it is
encrypted). A vividy processor with audio/video channels out to the
display and audio "cards" is just another thing that can be commanded
from another processor - all while not being able to intercept the
decrypted streams.

What also strikes me is that the Vividy system would not be allowed in
devices such as Apple TV because the decrypted output would thence go
via HDMI to the monitor/television which would make it ripe for piracy.

Yes. That puzzles me too. We shall have to wait and see.

So one will need the Vividy device built in to their televisions.

Another issue is something like Apple AirPlay. For example the
decrypted video would appear on my iPhone/iPad/Mac screen and then would
be pushed to the AppleTV and television monitor. Ripe for piracy.
(Apple can of course disable AirPlay wherever required).



Indeed Apple could likely incorporate Vidity's processor (or process)
within the Ax package as hardware or software - even to the point of
securing the keys within the Ax secure enclave. Note: The "ARM" logo
figures prominently he https://www.vidity.com/about-us/

They are one of the founders of SCSA.


--

Regards,

Eric Stevens

On Sat, 26 Sep 2015 10:34:39 -0400, Alan Browne
wrote:

On 2015-09-24 23:38, Eric Stevens wrote:
On Thu, 24 Sep 2015 19:07:12 -0400, Alan Browne
wrote:

On 2015-09-24 18:17, Eric Stevens wrote:

To run Vidity, they have to have a chipset which incorporates the
CryptoManager core. As I understand it, the CryptoManager core is an
integral part of the particular chipset.

That does not mean it won't or can't integrate with intel or ARM
processors. Indeed, the Vividy crew include ... ARM. So as I've
pointed out the Vivify module could actually be incorporated within an
Ax processor SOC from Apple.

As I have already posted: it's not an add-on module. It has to be

What part of "incorporated withing an Ax processor" is so hard to get?

Probably the same part where you found "an integral part" hard to
understand.

Why are we arguing? We seem to be saying much the asame thing.

An Ax processor is based on ARM - ARM is part of Vividy and the Ax
processors SOC contains the graphics as well.

tailored to the DPA leakage of the parent chip set. If for no other
reason, that's why it won't be a single device of universal
application.

Horse****. The host processor does not have to see the decrypted
stream.

You are quite right. It could be a separate device. I have just posted
an article which refers to where Apple uses an NXP chip for this
purpose.

It could control the Vividy system with commands and provide it
with the encrypted data stream - but not be provided with the decrypted
data stream. The Vividy system would thence output the video and audio
directly to the viewing device within the widget.

This pretty basic stuff. Not sure why you can't see it.

I'm trying to balance what little I know with what I have read of the
technology. As I keep saying, we will have to wait and see.
--

Regards,

Eric Stevens

On Sat, 26 Sep 2015 16:22:55 -0400, PeterN
wrote:

On 9/26/2015 10:42 AM, Alan Browne wrote:
On 2015-09-26 05:08, Eric Stevens wrote:
On Sat, 26 Sep 2015 00:00:18 -0400, Tony Cooper
wrote:

On Sat, 26 Sep 2015 15:45:37 +1200, Eric Stevens
wrote:

"The Cupertino giant has for months been said to be in talks with
major US studios in a bid to secure content for a streaming Apple
service. Compensation reportedly remains a sticking point."

I don't want to be accused of being an Apple basher, so I won't link
to it, but the very recent catfight between Aaron Sorkin and Tim Cook
didn't go well for Tim.

I hadn't heard of this until you mentioned it. While there are no
doubt some children in China assembling phones for 17 cents perhour
(and what else might they be doing without that?) the overall quality
of iPhones suggests there is a lot of automated assembly in their
construction.

There's a lot of touch labour at final assembly.

As to the child labour that's a failure of those suppliers and the
Chinese government who are very lax at enforcement.


Lax is an understatement.
What is really needed is for sellers in the importing countries to have
the moral courage to manufacture in compliant countries, preferably at
home.

I wonder what an iPhone would cost if it were made entirely in the
USA?

I wonder how those reputedly 17c/hr children would get on if they lost
their 17c/hr?

A month or so ago Foxcon announced they were going to move their
operations to India. That meant they were going to relocate 1,000,000
jobs. In other words, 1,000,000 people in China were going to be
without work. That's an indication of the size of the problem.
--

Regards,

Eric Stevens

In article , Tony Cooper
wrote:

So no failure on Apple's part in choosing and using those suppliers?
In taking advantage of the lax enforcement?

What Apple is doing is what so many other companies are doing, but
since when is doing what other people are doing an excuse for doing
it?

since when is it acceptable to bash only one company, who has done the
most to make the situation better, while the other companies do little
to nothing at all?

Apple is not on the high ground here, just as Sorkin said.

nonsense.

sorkin is doing it solely for publicity because his movie hits theaters
in a couple of weeks.

Cook provided the opening. Sorkin didn't instigate this, Cook did. If
Sorkin got publicity for the movie it was because Cook gave him the
opportunity to do so.

tim did not criticize sorkin.

tim was referring to *all* of the people cashing in on the death of
steve jobs, and he's 100% right:
I think that a lot of people are trying to be opportunistic, and I
hate this; it¹s not a great part of our world.

sorkin just wanted to get his name in the news because his movie is
coming out. he even said he didn't do it to get rich. bull****.

sorkin realized his mistake,
http://www.eonline.com/news/700364/a...-to-apple-ceo-
tim-cook-after-slamming-him-over-opportunistic-remarks
"You know what, I think that Tim Cook and I probably both went a
little too far," he told E! News exclusively.*"And I apologize to Tim
Cook. I hope when he sees the movie, he enjoys*it*as much as I enjoy
his products."

It can be claimed that Cook was being a mediawhore because Apple has
this new product release going on. You may have noticed.

anything can be claimed. what matters is if there's evidence to support
it, and there isn't.

apple doesn't push its products by criticizing those who make fictional
movies about a dead ceo.