Separating Data Ownership and Device Ownership

Consider two different security problems. In the first, you store your valuables in a safe in your basement. The threat is burglars, of course. But the safe is yours, and the house is yours, too. You control access to the safe, and probably have an alarm system.

The second security problem is similar, but you store your valuables in someone else’s safe. Even worse, it’s someone you don’t trust. He doesn’t know the combination, but he controls access to the safe. He can try to break in at his leisure. He can transport the safe anyplace he needs to. He can use whatever tools he wants. In the first case, the safe needs to be secure, but it’s still just a part of your overall home security. In the second case, the safe is the only security device you have.

This second security problem might seem contrived, but it happens regularly in our information society: Data controlled by one person is stored on a device controlled by another. Think of a stored-value smart card: If the person owning the card can break the security, he can add money to the card. Think of a DRM system: Its security depends on the person owning the computer not being able to get at the insides of the DRM security. Think of the RFID chip on a passport. Or a postage meter. Or SSL traffic being sent over a public network.

These systems are difficult to secure, and not just because you give your attacker the device and let him utilize whatever time, equipment and expertise he needs to break it. It’s difficult to secure because breaks are generally “class breaks.” The expert who figures out how to do it can build hardware—or write software—to do it automatically. Only one person needs to break a given DRM system; the software can break every other device in the same class.

This means that the security needs to be secure not against the average attacker, but against the smartest, most motivated and best funded attacker.

I was reminded of this problem earlier this month, when researchers announced a new attack (.pdf) against implementations of the RSA cryptosystem. The attack exploits the fact that different operations take different times on modern CPUs. By closely monitoring—and actually affecting—the CPU during an RSA operation, an attacker can recover the key. The most obvious applications for this attack are DRM systems that try to use a protected partition in the CPU to prevent the computer’s owner from learning the DRM system’s cryptographic keys.

These sorts of attacks are not new. In 1995, researchers discovered they could recover cryptographic keys by comparing relative timings on chips. In later years, both power and radiation were used to break cryptosystems. I called these “side-channel attacks,” because they made use of information other than the plaintext and ciphertext. And where are they most useful? To recover secrets from smart cards.

Whenever I see security systems with this data/device separation, I try to solve the security problem by removing the separation. This means completely redesigning the system and the security assumptions behind it.

Compare a stored-value card with a debit card. In the former case, the card owner can create money by changing the value on the card. For this system to be secure, the card needs to be protected by a variety of security countermeasures. In the latter case, there aren’t any secrets on the card. Your bank doesn’t care that you can read the account number off the front of the card, or the data off the magnetic stripe off the back—the real data, and the security, are in the bank’s databases.

Or compare a DRM system with a financial model that doesn’t care about copying. The former is impossible to secure, the latter easy.

While common in digital systems, this kind of security problem isn’t limited to them. Last month, the province of Ontario started investigating insider fraud in their scratch-and-win lottery systems, after the CBC aired allegations that people selling the tickets are able to figure out which tickets are winners, and not sell them. It’s the same problem: the owners of the data on the tickets—the lottery commission—tried to keep that data secret from those who had physical control of the tickets. And they failed.

Compare that with a traditional drawing-at-the-end-of-the-week lottery system. The attack isn’t possible, because there are no secrets on the tickets for an attacker to learn.

Separating data ownership and device ownership doesn’t mean that security is impossible, only much more difficult. You can buy a safe so strong that you can lock your valuables in it and give it to your attacker—with confidence. I’m not so sure you can design a smart card that keeps secrets from its owner, or a DRM system that works on a general-purpose computer—especially because of the problem of class breaks. But in all cases, the best way to solve the security problem is not to have it in the first place.

This essay originally appeared on

EDITED TO ADD (12/1): I completely misunderstood the lottery problem in Ontario. The frauds reported were perpetrated by lottery machine operators at convenience stores and the like stealing end-of-week draw tickets from unsuspecting customers. The customer would hand their ticket over the counter to be scanned to see if it was a winner. The clerk (knowing what the winning numbers actually were) would palm a non-winning ticket into the machine, inform the customer “sorry better luck next time” and claim the prize on their own at a later date.

Nice scam, but nothing to do with the point of this essay.

Posted on November 30, 2006 at 6:36 AM36 Comments


kgc November 30, 2006 7:31 AM

You have it slightly wrong on the Ontario lottery problem. This didn’t have anything to do with scratch-and-win, it was with the drawing-at-the-end-of-the-week type. When a customer presented a ticket at a seller to be checked, the clerk checked it, and when it was a big winner, said it was a small winner, paid the customer $10, and then cashed the big winner themselves.

dlg November 30, 2006 7:58 AM

Unfortunately, removing the data from the physical possession of the owner of a device often also removes important features of the original system. Take stored value cards. They are, or can be implemented, entirely anonymous (some early cards in Germany were, banks didn’t give them to you unless you insisted, but they existed for a while). A system with a central server might still be implemented anonymously, but it always allows tracking.

So, while from a security point of view, separation of device and data ownership might not be desirable, it is a trade-off regarding other features that are only possible with that separation.

Greg Phillips November 30, 2006 7:59 AM

kgc: The Ontario lottery story has been unfolding in phases. The first phase was the scam you talked about, which is relatively easy to secure against using, e.g., self-service ticket-checking kiosks or even (gasp) manually checking the numbers on your ticket yourself. The second phase was the problem with scratch-and-win tickets that Bruce is reporting on. See for example this CTV news story:

Dave Aronson November 30, 2006 8:08 AM

Aren’t the winning numbers, and the resulting payoff for any given winning ticket, made public? I don’t know how Ontario does lotteries. In most US states, the drawing is done on live TV, the numbers from the latest drawing are posted at most places that sell tickets, the latest jackpot total is usually posted there (plus on billboards, TV ads, newspaper ads, etc.), and there is a definite payout plan — $X for matching all the numbers in order, $Y for matching them all but out of order, $Z for matching all but one in any order, etc. The pot might be split with other winners, but still, the amount and rules are public knowledge. It’s practically a running joke down here, of people anxiously checking their tickets against the drawing as it happens, and bemoaning almost winning some (specific) huge amount. So, it seems to me that there are two likely explanation for the Ontario incidents. Either the amount and/or rules are NOT public knowledge, in which case it’s an even dumber bet than usual, or the people who got tricked did not bother to “do their homework” and figure out what their payoff SHOULD have been, and are rather trusting. What’s the scoop?

Fred Page November 30, 2006 8:29 AM

“The most obvious applications for this attack are DRM systems that try to use a protected partition in the CPU to prevent the computer’s owner from learning the DRM system’s cryptographic keys.”

To me, the most obvious application of this sort of attack is privilege escalation (ex: guest account to administrator).

Kees November 30, 2006 8:53 AM

“You can buy a safe so strong that you can lock your valuables in it and give it to your attacker — with confidence.”

What if the manufacturer is also the attacker?

Paeniteo November 30, 2006 9:07 AM

“What if the manufacturer is also the attacker?”
Not so sure about safes, but it wouldn’t matter for crypto algorithms at least.

RSaunders November 30, 2006 9:08 AM

@ Kees,
It’s more likely that the attacker is also a customer of the manufacturer. It’s common to find thieves have purchased security devices in order to figure out where to drill into them. Manufacturers of high end equipment institute device individualization, where every unit is different, to guard against this.

Clive Robinson November 30, 2006 9:16 AM


From your description of the problem, the solution to the problem is to remove “off line” DRM systems and only have “On Line” DRM systems.

IF this is the only real solution to the problem then it will make many many security systems much easier to design develop and secure (and in many ways reduce the cost of ownership).

Jeff Pettorino November 30, 2006 11:37 AM

@Clive and Bruce

That’s a simplistic reply, to remove the separation of data and device security/ownership. I’m playing devil’s advocate and not offering any alternatives (slapping my own wrist), but it’s easy to say “take the data and the device security out of the equation; make the device a conduit to a secured remote location where the data is protected…”

But offline DRM is what the consumer industry wants. iPods that require a password for each iTunes purchased song before you can play it, EACH TIME you play it? Unthinkable. Steve Jobs would have a coronary at the loss in market share. I agree removing offline DRM would remove a lot of problems, but I’m still waiting for the flying car technology, so this prospect doesn’t give me much confidence.

Dan November 30, 2006 11:40 AM


“You can buy a safe so strong that you can lock your valuables in it and give it to your attacker — with confidence. ”

Uhm… not really. Safe security is measured/rated in minutes, in other words : “How many minutes it takes for a skilled safecracker to get inside.”

ex-IPMP November 30, 2006 12:56 PM

Bruce, you have it bang on. The threat model of DRM system is the most severe of commercial secure systems. Not only do you have the traditional attackers, your user must be assumed to be hostile. In general, it is a no-win situation. To make it really secure requires inconveniencing the customer. A well-funded attacker will be able to crack any DRM.

The security requirement of DRM systems is fundamentally driven by financial requirements. A super-duper DRM system designed for 20 year life cycle is overkill to protect a pop song that has a commercial half-life of 12 months. The best that can be achieved is to make it inconvenient for the casual attacker to bypass the DRM.

And when you get down to it, eyes and ears are analog “devices”, a studio-quality microphone(s) in front a studio quality speaker(s) will produce a digital copy that is good enough for 99.99% of the people out there.


“Offline” DRM is a commercial requirement. Too impractical to oblige your customer to be always online. It’s too expensive and there are many parts of the world where online is not always available.

eWilliams November 30, 2006 1:18 PM


I think you missed Clive’s point. He said “IF this is the only …”. It’s sarcasm, he is pointing out that engineering would be simpler if users only had “wants” for things that were easy to implement. DRM is engineering a solution that gives users some things they want while not giving them other things that they want. It’s been tried a million times, like anti-tamper carburetors to force cars to have less power for less pollution. The track record is quite poor, due to class breaks as Bruce pointed out. “Online DRM” won’t work without potting all electronics in scratch-and-sniff-nerve-gas. That means it won’t work, not that it’s too expensive.

wpn November 30, 2006 1:31 PM

This is the same issue that comes up with every outsourcing. How can you control access to data when you don’t control the box it resides on?

X the Unknown November 30, 2006 2:38 PM

@Paeniteo: “Not so sure about safes, but it wouldn’t matter for crypto algorithms at least.”

Unless, of course, it’s one of those “extra-secure” proprietary algorithms…

Davi Ottenheimer November 30, 2006 2:45 PM

“But offline DRM is what the consumer industry wants.”

It’s what the consumer needs, because online is never “always”, and even if it would be, there’s a cost related to time/quantity. Consider mobile devices with email, music, financial files, etc.. and you’ll see designs that emphasize off-line (also called airplane or tunnel) mode with incremental download. The incremental bit is key because it implies the ability to re-auth without user-interaction.

The only way to fix that issue is to either convince users to wait for access, or to keep the feed alive and…close to free.

RonK November 30, 2006 2:50 PM

‘ I called these “side-channel attacks,” ‘

I was just wondering recently who had coined that name for those kinds of attacks! Of course, after reading the “Bruce Schneier facts”, I should have known…

Someone should edit the “side-channel attack” article on Wikipedia to add this interesting info.

Anonymous November 30, 2006 3:39 PM

And when you get down to it, eyes and ears are analog “devices”, a studio-quality microphone(s) in front a studio quality speaker(s) will produce a digital copy that is good enough for 99.99% of the people out there.

Forget the expensive transducers.

Trust me, you don’t need studio quality mics or speakers. All you need is the minimal electronics knowledge to run the speaker output signal to a line-in jack. That’s no more complex than a shielded cable and an attenuator. Spend under $10 at RadioShack and you’re ready to rip.

If you can tap the analog signal even earlier, you can eliminate output-amp distortion, but it probably doesn’t matter that much.

Anonymous November 30, 2006 3:41 PM

Unless, of course, it’s one of those “extra-secure” proprietary algorithms…

Or maybe a standard algorithm implemented with a covert channel. Unless the customer has the source and can verify that what’s running matches that source, you can’t necessarily trust the manufacturer, either.

A covert channel isn’t the same as a side channel. See “Applied Cryptography”.

How ChoicePoint is Just Like Napster November 30, 2006 4:32 PM

I like how Bruce puts his finger on these concepts that are so simple to understand and yet illuminate a whole class of issues.

On a tangent, it occurs to me that DRM shares symmetry with consumer privacy protection.

Companies want to prevent the unauthorized sharing of (entertainment) information by consumers.

Consumers would like to prevent the unauthorized sharing of (personal) information by companies.

The ethics underlying both are similar (IMO), and it is technology that facilitates the abuse in each case.

The obvious difference is that entertainment information is protected by law (copyright), while a consumer’s personal information is not (at least in the US, for most cases).

Hence Napster was not only unethical but was clearly illegal, whereas ChoicePoint-style datamining is unethical (IMO) but thrives.

Is there a symmetrical solution?

X November 30, 2006 4:41 PM

The second security problem is similar, but you store your valuables
in someone else’s safe.

You mean like a safety deposit box in a bank?

…Compare that with a traditional drawing-at-the-end-of-the-week lottery system….

Apples to Oranges. Each has it’s own form of attack, and it’s own weaknesses.

Scratch-and-sniff can be X-rayed. (Or viewed with strong lights.)
You can cash one winning card and get away with it. But the odds are
against you finding a big winner in your store’s pile. If you cash a
few hundred small winners, you stick out like a sore thumb
(statistically speaking). If you try to find a few hundred
confederates, somebody is going to talk…

End-of-the-week lotteries are susceptible to drawing manipulation.
Weighted balls, rigged selection, etc.

But it’s far simpler to just buy your ticket after the drawing, when
you know the winning numbers. Sure, they are going to set things up
to prevent you from doing that. But these lotteries are run by state
governments. Organizations not known for their tight security.
Sure, they’ll look at you with a fine tooth comb. But you only have
to get away with it once…

Then again: Don’t do the crime if you can’t do the time…

ex-IPMP November 30, 2006 7:11 PM


I did miss @Clive’s point. Thank you. In any case, online DRM systems can be broken using controlled environment like a custom virtual machine and replay attack. Attack tools are getting commoditized.

I do think super-strong DRM is a waste of time. Rubber hoses and $money paid to the right parties does wonder. DRM, whether online or offline, is just a speedbump. It’s just a matter of how big of a speedbump.


When the trusted speakers becomes common, analog microphones will be necessary. It will become more common as the H/W for trusted computing has become built into processors. Digital trusted speakers is only a few steps away if the RIAA has it’s way.

Quandary November 30, 2006 8:18 PM


DRM is worse than the metaphorical safe problem you described. The publisher is putting their content in the safe, then handing the safe to the consumer — but the consumer wants to be able to get at what’s inside the safe (because why would they pay to house this safe otherwise?). So, what has to happen? The consumer has to call up the publisher, and have him come out to open the safe — allowing the consumer to get at the content.

However, now the problem becomes how to keep that content that might have been protected from getting lifted at this critical exposure point? What keeps the consumer from sucker-punching the publisher (lifting data from an unencrypted digital channel before output), or hiding a cameras to carefully watch what the the combination/key cuts are (side-channel attack), or taking photos of the content itself (analog hole)?

The problem isn’t the safe. The problem is that the attacker and the recipient are the same person. The fact that someone is simultaneously supposed to have and not have something is just preposterous — so much so, that DRM could be rightly coined “Decidedly Ridiculous Malarkey.”

Ralph November 30, 2006 8:49 PM

A good piece of work Bruce.

We really have to keep finding good analogies from the real world.

I wish I had the book of security proverbs.

Clive Robinson December 1, 2006 7:49 AM

@Jeff Pettorino

“That’s a simplistic reply”

Yes it’s why I capitalized the “IF” I guess I will have to find a more visible way to do a sarcastic “IF ONLY all roses where red…” (especially as I also have the bad habit of holding the caps lock a little to long, hmm… thinking cap on time 😉

Seriously though there are two distinct issues to deal with here from an individuals perspective, Digital Rights Management (DRM) that Bruce talks about and Personal Privacy (PP) which he only mentions in passing.

Unfortunately they are very intertwined when it comes to Intellectual Property Management (IPM) and Customer Relations Management (CRM) in their broader sense.

It is to do with the balance of power between a Rights Holder Manager (RHM) and their end “Customers” both as Individual Customers (IC) and Consumer Groups (CG).

As an individual you have little or no power over the RHM and they can extract pretty much what they think they are entitled to in return for allowing you access to what they view (incorrectly) as “their Content”.

This is not just Money-For-Content which is a basic DRM issue, but also your personal information / habits etc which is very much a PP issue.

The RHM desperately wants this so called “marketing data” to make more money by selling it to other organizations both commercial and more worryingly Governmental (more of which later).

On the other hand you as an IC are part of a Consumer Group (CG) and have “purchasing power” over the RHM. If you do not like the RHM’s terms then you have the (all be it very) limited option of taking your custom else where. As a collective group this enables you to boycott unfair terms if you are aware of them (think Sony’s ill fated DRM on the sly) or have alternative options unless there is a constraint against free market economics (think preventative legislation requiring DRM etc).

However the RHMs by traditionally controlling the content and it’s delivery mechanisms in a monopolistic fashion have held sway on the entertainment industry. And in the process turned it into an industry where the RHMs are hated and reviled by both their (thinking) customers and content suppliers.

From the RHM’s perspective the IC is irrelevant except as a small part of the income stream to be exploited. The CG is only of relevance because of other parties the RHM has to deal with specifically,

— The Intellectual Property Owner (IPO)
— Governmental Organizations (GO)
— Content Player Manufactures (FMCEM)
— Industry Organizations (IO)
— Standards Organizations (SO)

You need to see how the RHM is affected by these parties to understand the “beast” and it’s motivations.

The RHM needs content that the CG wants to purchase, they get this from the “Singers & Song writers” etc. these are the “artistic types” that actually create and own the Intellectual Property on the content the RHMs push.

The artists are therefor IPOs and traditionally they contract their property to the RHM (ie the RHM does not own it just has some supposedly limited rights to distribute and take a commission…).

Until very recently the RHMs had an effective strangle hold on content delivery and distribution which was only limited by legislation from GOs.

In the recent past the GOs have had little or no interest in restraining RHMs (in practice the opposite appears to be the case currently). So the RHMs had quietly put themselves into a position of considerable power and have very much capitalized on it as an effective monopoly.

However the Internet has opened up other content delivery and distribution methods that do not require the RHM and that obviously scares them, as it has kicked away one of their fundamental foundation stones.

IPOs now have a choice that was not previously available to them, Therefore they now have a lever against RHMs for better terms and conditions (which might go part of the way to explaining why we have so many “manufactured” artists these days, who will sign faustian contract for their fifteen minutes of fame).

The RHM fairly obviously needs content delivery systems, such as “sheet music” and “phonographic records”. Today these are Fast Moving Consumer Electronic (FMCE) Dual Use items such as MP3/USB memory players, Portable gaming consoles and mobile phones.

These are manufactured by large FMCEM organizations who out of the “economies of scale” require standard formats for storing content. Their turnover is an order of magnitude or so more than that of the RHMs.

Therefor the FMCEMs tend not to listen to RHMs but to Industry Organizations (IO) and Standards Organizations (SO).

Originally the relevant IOs where formed by the RHMs out of their self interest (RIAA etc). However today IOs tend to be formed by representatives of the FMCEMs out of their own interests (not those of the RHMs).

Likewise SOs tend to have FMCEM and GO representatives vastly outnumbering those of the RHMs (if they are even allowed in). Worse for the RHMs credibility, when they have tried to influence the IOs and SOs their solutions turn out to be pretty much turkeys (Think CSS and other existing DRM technology).

So the IOs and SOs pragmatically tend to pay only lip service to the RHMs at best. This scares the RHMs as they now have little or no control over content delivery systems.

Further to this FMCEMs hate DRM systems for a whole load of technical and other reasons, the foremost two being it unnecessarily slows the design cycle, and it likewise reduces profits…

The only strangle hold left to the RHMs over FMCEMs was withholding of content which is what happened with DVDs and CSS. It appears the FMCEMs saw it as a problem that interfered with amongst other things manufacture, so put in easy codes for operators to change/obviate Region Codes etc whilst testing. Obviously these became public knowledge quite quickly.

The RHMs still had one real foundation stone (strangle hold) left and that was over the distribution channels, but again that has been snatched away from them, by the Internet and the lack of need for pre-recorded media (a battle the RHMs had fort and lost with the Phillips cassette recorder format…)

What where the RHMs to do they had lost most of their foundations in a few short years.

First off they had had 30 years warning with their loss over Audio and Video cassettes and the attendant “illegal distribution” so had some experience in dealing with it. However they assumed that all of these threats had a central financial interest / control that could be attacked. It was a bit of a shock for them when the Internet turned that idea on its head and enabled completely de-centralized very fault tolerant systems to be developed freely…

The need to distribute large quantities of data cheaply to Universities etc in the 1980s gave rise to Silverplater developing the Audio CD into a Data CD connected to PC based computer networks. Microsoft and other organizations realized the benefit and started to support the format. This was quickly followed by the realization that to safely back up large quantities of data on Personal Computers hard drives meant that being able to write CDs was very desirable so the technology appeared. This also meant that Audio and other CD formats where easy to copy and duplicate, but the RHMs where to late/unable to stop it.

Likewise the PC/CD technology brought down the cost of recording and producing high quality audio, this meant that groups did not have to go cap in had to the RHMs A&R men or the studio’s they either directly or indirectly controlled.

The artist could go it alone in their bedroom and start their own record labels and CD production and sell at their gigs etc.

No longer where the RHMs a small self interested group in a monopolistic position. First small groups then larger groups of artists got upset with the RHMs.

This did not overly matter as long as the RHMs initially thought they controlled the distribution channel. The RHMs response contractually “jail new talent” and promote “manufactured bands” and use it to “warn off” established talent.

But the Internet then robed the RHMs of the distribution channel strangle hold they thought they owned. Their response litigation and publicity and try to convince the public that all downloads where illegal and where destroying artists lively hoods. With the subtext “that only the RHMs could guarantee” quality product etc.

Then recently to the RHMs embarrassment groups have got to the top of the charts entirely without them. Worse there is now a chart for Internet only music which is apparently a “more happening scene” than the RHMs offer. Worse still the RHMs have had to go cap in hand to some of these artists to distribute through their channels…

In 2000 Digital Watermarking gave rise to the notion of technical Content Management systems. However as has been shown Watermarking is fragile at best and content management based on it can be fairly easily bypassed, so the technology was effectively still born.

Worse high quality analogue for most purposes is available so copying in a very slightly lower format is easily possible for ICs and the law appears to support them in this (for traditional media). Also various analogue “Video Copy Protection” systems had all failed to reliably achieve their aims in the 80’s and 90’s.

At the end of the 1990’s computer games protection systems entered a new phase where the console manufactures started to use cryptography and other “embedded” techniques to try and (fail to) stop copying.

Microsoft appeared to suffer the worst public exposure on this with their X-Box Console and from this their ideas on Trusted Platforms started to surface. Which finally gave the possibility of the RHMs “Holy Grail” of pay every which-way/use enforceable DRM model.

That being said however we still do not have a workable model of a “user controlled” system with “perfect DRM”, and I am not sure we ever will (except in theory) for purely economic reasons.

The cost of “imperfect DRM” systems will escalate faster than technology reduces it. DRM is also extremely environmentally unfriendly as well and serves no useful purpose as far as the CGs and FMCEMs are concerned.

Likewise both CGs and FMCEMs dislike the RHMs who support DRM simply because it gets in the way of what they want to do and slows things down (which is never good personally or for profit).

Therefor market forces should come into play, which would almost always favor the CG over the RHM content supplier in an open market, and most likely should do so in this case.

However there is another fly in the ointment…

What if there is some other force brought to act on the situation by the RHMs to try and protect their existence?

It might well tip the balance back in favor of the RHM content supplier. Such a force could be by legislation which appears to be the route Senator Fritz Hollings and his RHM backers appear to favor.

Unfortunately the GOs seem attracted to this, in these post 9/11 & 7/7 days restriction of individuals rights and privacy is the order of the day. As well as the GOs overriding desire to use terrorism as an excuse to create large central databases on just about everything their citizens do.

Now if you are an RHM or it’s IO then how would you protect your future now that you have had your foundations kicked out?

Well you could get on the terrorist band wagon and go to the GOs and say,

“You can spot people who are in danger of becoming radicalized by what they view” and “Prevent them becoming a danger to the public”. Likewise “You can spot terrorists by their content interests”, therefore “We can help stop terrorism by monitoring access to information”. “We have technology that can do this”, “We can also give you the GO access to all this PP data”. Therefore “We can help stop terrorism by controlling access to information” for you, what “We need is laws to put DRM in every new device”, and all yor terorist problems will be solvable.

For the astute reader you may notice that the individual statements have been made by others in the RHMs and GOs and other marketing etc organizations already, all I have done is put them together…

Bets on it happening this way ?

Lastly my apologies for an “overly” long posting to the Blog (I know I am a repeat offender 🙁

Juhana Siren December 1, 2006 7:52 AM

Very good points about DRM. I’d just like to add one thing that’s more related to the business aspect of things: from the consumer’s point of view, restricting the use of legally purchased content is reducing value of the purchase, not adding it.

Compare two digital songs: one ripped from a (store-bought) CD, without DRM, usable at the user’s discretion; another bought at an online music store, with DRM, only usable subject to the publisher’s whims, possibly expiring without warning. Which is more desirable? Would people have an incentive to add value to a product that they perceive having been artificially stripped of value, if it were easy to do?

There have been examples of selling reduced value in the past, and enterprising people usually tend to work around the limitations…

Tangent December 1, 2006 2:22 PM

@Clive, I follow you up until the forecasted use of the “war on terror” as justification for expanded pro-DRM legislation.

In general, I agree that both of those camps would be happier if there was no possibility of anonymity (and therefore no privacy) on the “Internets”, telephone, or in real life.

But the entertainment “RHMs” can’t realistically offer more useful personal data than is already being collected by other means, IMHO. I don’t see what they have to offer in that regard.

Of course Trusted Platform (i.e. automated consumer identity verification) efforts will continue to move forward regardless of any link to the so-called “war on terror”.

Bank kartels? December 2, 2006 11:01 AM

“Compare a stored-value card with a debit card. In the former case, the card owner can create money by changing the value on the card. For this system to be secure, the card needs to be protected by a variety of security countermeasures. In the latter case, there aren’t any secrets on the card. Your bank doesn’t care that you can read the account number off the front of the card, or the data off the magnetic stripe off the back — the real data, and the security, are in the bank’s databases.”

Here you ignore the fact that this makes the bank an intravenous attacker providing backdors to any transaction and data security an illusion.

Arent you forgetting the secure solution of Digital Cash? Sure Digital Cash should be combined with a number of protections of loss etc., but it is inherently much more secure than any credit card model will ever be.

Karl Voit December 3, 2006 6:24 AM

I completely misunderstood the lottery problem in Ontario.

Never mind 😉

There was a case in Vienna (the original one, here in Austria/Europe g), where employees found out the winning tickets by scratching small parts of the ticket. It was in the local press a few days ago.

Jörg Wittenberger December 4, 2006 3:00 AM

Separating data/device ownership is a 5 yr. old hat now in computer sience. Despite some “public desinterest” (probably due to under-funded PR work) we’ll soon proof this fundation of electronic contracting. — Certainly worth the computational overhead and paying attention to other security issues.

Xellos December 4, 2006 9:21 AM


Nice essay, just wanted to put on my grammar nazi hat for a moment. You made a mistake I’ve seen more and more lately, and in a large number of places use ‘where’ where you mean ‘were’.

For instance “Originally the relevant IOs where formed by the RHMs”

Clive Robinson December 5, 2006 12:56 PM


“You made a mistake I’ve seen more and more lately, and in a large number of places use ‘where’ where you mean ‘were’.”

Guilty as charged, I put my hands up 8(

I should remember the “My tools were where I left them” rule but…

My defence (not good for somebody of my age who should know better),

1) I was typing a lot in a time limited period whilst also trying to remember, think and eat (ie lunch time in UK)

2) I am also one of those “unfortunates” who suffer from the old “word blindness” problem which often results in odd mistakes, reversed letters and less than cute gramatical errors.

I (more than) once typed wharehouse, instead of warehouse. Unfortunatly on one occasion the spell checker corrected it to something else in my presentation and I was to tired to notice. The following morning it only caused good natured laughs from my colleagues and very red ears on my part.

Should we ask Bruce to add a spell checker to the [Preview] and [Post] buttons?

However it would not pick up the were/where problem as has been pointed out in,,1000000308,39273376,00.htm

Which expresses a view point I am reasonably certain you will have a smidgen of sympathy with.

Greg Franks December 15, 2006 7:32 PM

Re: Separating Data Ownership and Device Ownership

Bruce, you’re right on both counts. There were two problems identified with the Ontario lottery system.

Problem 1: clerks scratching lightly the area where the magic serial number is found. All you have to know is where the serial number is concealed and away you go. If two triangles are present within the string, then the ticket is a loser, so if you find the triangles, stick that ticket in the pile to sold to the dupes. See

Problem 2: clerks cashing in winning tickets. It was more along the lines of “congratulations, you won $5.00,” when in fact the ticket was worth far more. The machines are being redesigned so that you see the results from the ticket check, so you don’t have to take the word of the clerk. But, palming tickets would be a good trick too. See

A little statistics goes a long way 🙂

Leave a comment


Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via

Sidebar photo of Bruce Schneier by Joe MacInnis.