HDTV geektalk - (was: Voip teleophony - Anyone know Packet-8 or others)?
Ben Scott
dragonhawk at gmail.com
Sun Dec 18 23:50:01 EST 2005
On 12/14/05, Bill McGonigle <bill at bfccomputing.com> wrote:
>>> You would do this with signed code and a crypto provider.
>> Yah, we've seen how well that works for MSIE and ActiveX. :-P
>
> I know you're not crazy ...
Debatable.
> ... so we'll assume that's doubly facetious and
> you're not holding up MSIE as security done right.
Certainly not. But: It is a common problem that people using MSIE
ignore the warnings that installing software can harm their computer,
click all the needed UI widgets, and proceed to install the signed and
authenticated scumware. Code signing is only useful if it reflects a
real-life trust of the code provider, and the vast majority of PC
users (let alone TV users) are not in a position to make that kind of
determination.
Code signing has it's uses. This isn't one of them.
> You're talking about Windows again and projecting its abysmal design
> onto computing in general. See also Mac OS and Linux ...
wget http://www.scumware.com/scumware
./scumware
> ... even those
> have way too lax of a security regime for something like a cable box.
Exactly. :)
> That's why I mentioned Java which already has everything built-in to
> ensure code that's coming in over the cable network has been signed by
> the cable provider ...
You say "signed by the cable provider". That implies the cable
provider is acting as the guardian and approver of all code. We
already decided we don't like that. Or do I misunderstand you?
> If the TV is based on embedded linux and Java you can put
> whatever your want onboard locally, not by downloading Gator from the
> Intarweb.
Well, I'm envisioning what happens when everybody and their brother
starts installing software on their "smart TV". There was a time when
you could trust everyone on the Internet, too. We saw how that turned
out. I'm asking: What's to prevent the same from happening to these
smart TVs?
So far, as counter-measures, you've put forward (1) code signing and
(2) Windoze sucks. For the former, I assert it won't help (see
above). For the latter... while I agree with that sentiment, I also
believe that there is nothing inherent in Linux or MacOS that will
protect against users who act as if they are determined to compromise
the security of their own systems.
>> A TV set that can run arbitrary programs is not a TV anymore, it's a
>> general-purpose computer.
>
> That's what a cable box is. You just don't have the keys ...
I also don't have the keys to the micro-controller in my CRT that
runs the little on-screen display that adjusts the contrast. I can
live with that. If I want something more, I can still buy or build
something more. I object to the idea that I *need* a general-purpose,
Java-enabled, network-connected, email-sending, web-browsing
super-computer to control my CRT's contrast -- or my TV's channel.
> ... and can't do what you want to with the product you're paying for.
I make a distinction between knowledgeable computer people such as
you and me, and "the typical user". *I* want to hack my TV, my TiVo,
and my toaster. I feel that I am sufficiently knowledgeable and
cautious that I can protect myself against Trojan horses. History
demonstrates that a great many people cannot do this.
How do we design a system that works for both? Or can we?
> You're not reducing complexity - you're forfeiting all control of your
> machine to someone who doesn't have your best interests in mind and may
> manage that complexity differently. Are you sure you don't want a Mac?
HAH! Touche!
-- Ben
More information about the gnhlug-discuss
mailing list