2006-01-16

WMF: a backdoor intentionally placed by Microsoft

Update. Apparently Steve Gibson was a bit rash in his conclusions, so this is not true after all!

Compelling article on why the recent WMF exploit was very likely intentionally placed by Microsoft.

Slashdot says:

In a more detailed explanation, Gibson explains that the way SetAbortProc works in metafiles does not bear even the slightest resemblance to the way it works when used by a program while printing. Based on the information presented, it really does look like an intentional backdoor.

(criminal) CD Copy Protection: The Road to Spyware

Freedom to Tinker » Blog Archive » CD Copy Protection: The Road to Spyware

So if you're designing a CD DRM system based on active protection, you face two main technical problems:

  1. You have to get your software installed, even though the user doesn't want it.
  2. Once your software is installed, you have to keep it from being uninstalled, even though the user wants it gone.

These are the same two technical problems that spyware designers face.

[For those who don't know, Ed Felten is a Professor of Computer Science and Public Affairs at Princeton University]

(criminal) DRM reduces security

GROKLAW

We are entering the era of ubiquitous and safety critical computing, but the developers of DRM technologies seem to believe that computers are nothing more than personal entertainment systems for consumers. This belief is convenient, because creating DRM mechanisms that respect security, safety, and reliability concerns is going to be an expensive and complex engineering task.