[EROS-Arch] encrypted log entries, etc.

[Kragen Sitaker]

It's impossible to prevent someone who controls a computer from
understanding what that computer is doing, which is what the current
discussion about secret diagnostic log formats comes down to.  You can
successfully come up with architectures that are massively inconvenient
to understand, but I don't think that's a good thing.

Let's not try to prohibit what we can't prevent.

Furthermore, this work plays into the hands of some of the most
dangerous and evil forces in the world today.  I'm not talking about
suicidal terrorists that blow up buildings; I'm talking about the media
industry, who seem to be willing to destroy the Western intellectual
tradition of freedom of inquiry in pursuit of protecting their
profits.  This kind of work can only serve those who are behind things
like the SDMI, the SSSCA, the Sklyarov lawsuit, and the DeCSS
lawsuits.

I think ethical computer scientists have an obligation not to think up
and publish better technical underpinnings for the SDMI, in the same
way that ethical physicists have an obligation not to think up and
publish designs for more efficient nuclear weapons.

Oh, by the way, you don't need an ICE or VMWare to grab the key from
main memory; ptrace() or its equivalent (a process's service key?), or
a DMA controller, work too.

-- 
<kragen@pobox.com>       Kragen Sitaker     <http://www.pobox.com/~kragen/>
Perilous to all of us are the devices of an art deeper than we possess
ourselves.
       -- Gandalf the White [J.R.R. Tolkien, "The Two Towers", Bk 3, Ch. XI]