Active Topics
-
Nokia FW servers dead (124)
to MeeGo / Harmattan by tvandorffy - 3 mins ago -
How to force MMS to use cellular network for data? (1)
to SailfishOS by robthebold - 10 hrs, 42 mins ago -
Crash/poweroff after entering SIM PIN (6)
to Nokia N9 / N950 by nonsuch - 1 day, 7 hrs ago -
Phone Camera Competition May 2021: "spring is here" (3)
to General by robthebold - 1 day, 16 hrs ago -
Not clickbait "NOKIA STILL MAKING PHONES, BUT FOR INDUSTRIAL USES" (3)
to Competitors by biketool - 2 days, 21 hrs ago -
Phone Camera Competition April 2021: "Funny & Foolish" (38)
to General by peterleinchen - 3 days, 7 hrs ago -
A Palm OS thread ... and a thank you to the community (24)
to Alternatives by meemorph - 4 days, 2 hrs ago -
MeeGo v1.2.0.1x for Netbook (0)
to MeeGo / Harmattan by teroyk - 4 days, 2 hrs ago -
What's the best Handheld gnu/linux machine for 20XX? (78)
to Competitors by clort - 6 days, 9 hrs ago -
Unofficial Storage for camera phone competition... (62)
to General by catbus - 6 days, 17 hrs ago - more...
wmarone |
2010-02-28
, 04:58
|
|
Posts: 1,746 |
Thanked: 2,100 times |
Joined on Sep 2009
|
#81
|
Originally Posted by ysss
How'd I prove your point. I'll only buy DRM'd materials if the DRM has been broken. If it isn't broken, I do without.
| The Following 2 Users Say Thank You to wmarone For This Useful Post: | ||
|
|
2010-02-28
, 07:33
|
|
Posts: 1,427 |
Thanked: 2,077 times |
Joined on Aug 2009
@ Sydney
|
#82
|
IMO, it's only the people who pay for legit copies who suffer from DRM etc.
When I buy a PC game, first thing I look for is a crack sometimes.
So I don't need the DVD inside my drive or need to login etc. =P
When I buy a PC game, first thing I look for is a crack sometimes.
So I don't need the DVD inside my drive or need to login etc. =P
| The Following User Says Thank You to jakiman For This Useful Post: | ||
 |
|
2010-02-28
, 07:48
|
|
Posts: 4,384 |
Thanked: 5,524 times |
Joined on Jul 2007
@ ˙ǝɹǝɥʍou
|
#83
|
@jakiman: For many of current (imho flawed) DRM implementations, yes I agree with your assertion. Again, I'll have to point out that this is a problem with bad implementation of DRM.
@wmarone, et al:
We're getting circular in the discussion, so I'll just throw out what I think is the main question in this issue:
Do you have a problem with not being able to get free copies of the product, or the way the product enforces that?
@wmarone, et al:
We're getting circular in the discussion, so I'll just throw out what I think is the main question in this issue:
Do you have a problem with not being able to get free copies of the product, or the way the product enforces that?
__________________
Class .. : Power User
Humor .. : [#####-----] | Alignment: Pragmatist
Patience : [###-------] | Weapon(s): Galaxy Note + BB Bold Touch 9900
Agro ... : [###-------] | Relic(s) : iPhone 4S, Atrix, Milestone, N900, N800, N95, HTC G1, Treos, Zauri, BB 9000, BB 9700, etc
Class .. : Power User
Humor .. : [#####-----] | Alignment: Pragmatist
Patience : [###-------] | Weapon(s): Galaxy Note + BB Bold Touch 9900
Agro ... : [###-------] | Relic(s) : iPhone 4S, Atrix, Milestone, N900, N800, N95, HTC G1, Treos, Zauri, BB 9000, BB 9700, etc
Follow the MeeGo Coding Competition!
|
|
2010-02-28
, 08:34
|
|
Posts: 1,746 |
Thanked: 2,100 times |
Joined on Sep 2009
|
#84
|
Originally Posted by ysss
No.
Do you have a problem with not being able to get free copies of the product
the way the product enforces that?
I'm quite insulted that you think that opposing the use of DRM means I want things for free.
|
|
2010-02-28
, 16:28
|
|
Posts: 311 |
Thanked: 110 times |
Joined on Nov 2007
@ Boston, MA
|
#85
|
Originally Posted by ysss
Ysss - so far you have yet to actually list one good implementation of DRM!!! Everyone listed so far is "flawed" somewhat!!!
@jakiman: For many of current (imho flawed) DRM implementations, yes I agree with your assertion. Again, I'll have to point out that this is a problem with bad implementation of DRM.
@wmarone, et al:
We're getting circular in the discussion, so I'll just throw out what I think is the main question in this issue:
Do you have a problem with not being able to get free copies of the product, or the way the product enforces that?
While getting something for nothing is great but I do not have a problem with paying, its the way that its enforced. If I pay for something then (within the limits of copyright law) I should be able to do what I want with what I bought - there should be no limitations on the number of devices I install it onto nor should there be any restrictions on the devices that can play it and there should be no additional "crap" installed with the application/game/music (etc) I bought to control these restrictions!
I agree with copyright law 100% and if something comes with DRM I will not buy it - apart from DVD's where there is just no option...
Last edited by jer006; 2010-02-28 at 16:30.
 |
|
2010-03-02
, 14:40
|
|
Posts: 2,535 |
Thanked: 6,681 times |
Joined on Mar 2008
@ UK
|
#86
|
Originally Posted by benny1967
Not really; however it's probably easier to find the deb being shared (and stop that as blatant copyright abuse) rather than the command to install it (you can't copyright apt-get install foo).
If it's a deb that is either opened in app manager or saved....
a) How does this compare to the previous situation (download via apt-get) in terms of illegally spreading the file? Not much better for publishers I suppose, is it?
b) Does this mean the applications aren't in a repository any more and therefore will not get updated if a bug is fixed?
It's interesting that with all the indepth technical approaches we hypothesised they'd come up with, they went for the "well, we'll download a deb and install it directly" solution.
This was fairly clear when they announced in the PR1.1.1 changelog that installing from files was back to enable Ovi; however on the super-large negative (or plus, depending on your POV) side, it means that random debs distributed through random websites can now be installed directly through Application Manager.
Woot! *cough*
I can imagine that the current disabling is pending a hack to the browser to prevent it from asking whether or not you want to save & open, and just make it open.
C'mon Nokia, apply some technical design skill here! Hell, I'm even getting to the point whereby if they outlined what approach they were going to take, I'd happily cast my eye over it - the current "let's try this; oh shoot, it's broken" strategy is just so embarrassing!
Of course, without Harmattan's security framework, there's no good solution to this; but at least we can try and make it harder. My preferred approach is still:
- apt source line of the form: ovi://downloads.nokia.com/ovi/fremantle/2aae6c35c94fcfb415dbe95f408b9ce91ee846ed.... (e.g. SHA1 of Ovi Store unique ID)
- "ovi" URL schemes get the final portion XORed with their IMEI to give a repository URL of the form http://downloads.nokia.com/ovi/fremantle/d0c1d3fcc51f89b8ffd048935702da762fcd4805.
- Ovi username & password is configured through a control panel applet and is sent in the HTTP headers during apt.
- The downloads.nokia.com server recognises the username/password, repository URL and validates it against the user's stored IMEI against their account.
- If validation is successful, the Packages for this "repository" is the subset of packages which the user is entitled to download.
This has the advantages of:
- Preventing trivial sharing of debs (and apt sources)
- Allowing upgrades through Application Manager
- Allowing re-installation through Application Manager (on restoring a backup).
__________________
Andrew Flegg -- mailto:andrew@bleb.org | http://www.bleb.org
Andrew Flegg -- mailto:andrew@bleb.org | http://www.bleb.org
|
|
2010-03-02
, 16:09
|
|
Posts: 3,319 |
Thanked: 5,610 times |
Joined on Aug 2008
@ Finland
|
#87
|
Originally Posted by Jaffa
This would depend on everybody's personal definition of trivial - it's still way too easy to make a public repo/mirror. The only remotely useable option is a steam-like call-home validation (yuck), everything else is running in circles as it can be more-or-less trivially circumvented (IMEI notwithstanding).
This has the advantages of:
- Preventing trivial sharing of debs (and apt sources)
__________________
Blogging about mobile linux - The Penguin Moves!
Maintainer of PyQt (see introduction and docs), AppWatch, QuickBrownFox, etc
Blogging about mobile linux - The Penguin Moves!
Maintainer of PyQt (see introduction and docs), AppWatch, QuickBrownFox, etc
|
|
2010-03-02
, 16:33
|
|
Posts: 2,535 |
Thanked: 6,681 times |
Joined on Mar 2008
@ UK
|
#88
|
Originally Posted by attila77
True. But the call-home stuff would have to be a) sufficiently anonymised to not allow usage tracking and b) be aware that it could go for days or weeks without a network connection.
This would depend on everybody's personal definition of trivial - it's still way too easy to make a public repo/mirror. The only remotely useable option is a steam-like call-home validation (yuck), everything else is running in circles as it can be more-or-less trivially circumvented (IMEI notwithstanding).
You've still got initial device identification as an issue, but you could perhaps assume - validly - that the device has a network connection during initial install. But then you're back to coordinating the install using IMEI as a key.
Any ongoing call home ("am I still installed on a device I should be installed on?") has to deal with just-as-simple interception and prolonged periods of network inaccessibility.
As I said, without Harmattan's security framework this is tilting at windmills and trying to avoid make it too easy for illicit folk on these (and other) fora to act illicitly.
__________________
Andrew Flegg -- mailto:andrew@bleb.org | http://www.bleb.org
Andrew Flegg -- mailto:andrew@bleb.org | http://www.bleb.org
Last edited by Jaffa; 2010-03-02 at 16:33. Reason: Typo.
|
|
2010-03-02
, 19:03
|
|
Posts: 118 |
Thanked: 26 times |
Joined on Jun 2008
|
#89
|
Originally Posted by jer006
SecuRom is a piece of junk and made my CD-ROM not work in Windows, but every software title I've seen with it advertises its presence on the box and in the manual, so it's only "installed without the user's knowledge" if the user is an unobservant *****.
They should all be lumped into the same sticky hairball though, if I buy a game I am only paying for and installing that game. All implementations such as Securrom, Sony's rootkit, starforce etc, they are all installed on the machine without the owners knowledge, they all run on the local machine hiding themselves in the process and they are all using local resources and in most cases are a nightmare to remove! Also all of them also seem to have caused issues on users machines...
Sony's rootkit was more insidious precisely because it's presence was not made known.
|
|
2010-03-03
, 02:57
|
|
Posts: 311 |
Thanked: 110 times |
Joined on Nov 2007
@ Boston, MA
|
#90
|
Well that unobservant ***** is likely drawn in by the flashy graphics on the games box and the machine requirements not some obscure reference to something called "SecureRom"... Guaranteed your average gamer is not even aware of it, what it is or even what it is used for! Initially when these products came out there was even less information, at least now there are blogs and newsgroup articles on the subject matter...
I dont understand why they dont just tie the software to the IMEI and forget the DRM all together... Thats how a bunch of stuff I bought from Handango for Symbian was delivered to me back when I had a 5800! It just stinks that its taking so long to get at products like sygic maps etc...
I understand the need to stop piracy but it really is taking too long at this point!!!
I dont understand why they dont just tie the software to the IMEI and forget the DRM all together... Thats how a bunch of stuff I bought from Handango for Symbian was delivered to me back when I had a 5800! It just stinks that its taking so long to get at products like sygic maps etc...
I understand the need to stop piracy but it really is taking too long at this point!!!
