1 |
On Tuesday 17 July 2007, burlingk@×××××××××.mil wrote about 'RE: |
2 |
[gentoo-user] 2 to 3??': |
3 |
> TiVo did not allow modified, and therefore potentially |
4 |
> Compromised, devices connect to their network. |
5 |
|
6 |
More than that -- they don't allow the "compromised" devices to boot. Of |
7 |
course, that's *required* to lay down the restrictions they want, since |
8 |
one the device is booted from freely modified code, there's no method of |
9 |
remote attestation to guarantee your aren't just pretending to be |
10 |
a "genuine" device. |
11 |
|
12 |
> This does not sound like theft of code, it sounds like sound network |
13 |
> protocol. |
14 |
|
15 |
So, sound network protocol validates the data sent, it doesn't require the |
16 |
other end to be arbitrarily "trusted". Remember "trusted" is just DoD |
17 |
speak for "allowed to violate security policy". |
18 |
|
19 |
> If you wish to maintain a secure environment that is stable |
20 |
> for thousands of users, and has a lot of money riding on it, you do |
21 |
> not allow compromised devices to connect. It is that simple. |
22 |
|
23 |
BS. |
24 |
|
25 |
Second life allows any client to connect as long as they follow the |
26 |
protocol. There's a wide variety of WoW hacks that modify the running |
27 |
executable (a binary patch applied at runtime) that, while not allowed |
28 |
under the EULA, work quite well on the real servers and have not increased |
29 |
the number of server crashes or scheduled restarts. |
30 |
|
31 |
Securing the network is not done by securing the remote devices. (You |
32 |
don't need to trusted ethernet card to connect to a cisco router, or a |
33 |
cable modem.) It is done by validating the data sent, having a |
34 |
well-defined network protocol, and disconnecting clients that provide bad |
35 |
data. |
36 |
|
37 |
> The TiVo thing was completely within the word and spirit of the GPL. |
38 |
|
39 |
It was *barely* within the word, and definitely not within the spirit of |
40 |
the GPL. Don't beleive me? Ask anyone at the FSF or RMS himself. They |
41 |
wrote the thing. |
42 |
|
43 |
-- |
44 |
Boyd Stephen Smith Jr. ,= ,-_-. =. |
45 |
bss03@××××××××××.net ((_/)o o(\_)) |
46 |
ICQ: 514984 YM/AIM: DaTwinkDaddy `-'(. .)`-' |
47 |
http://iguanasuicide.org/ \_/ |