Month: January 2007
-
Why So Many Undervotes in Sarasota?
The big e-voting story from November’s election was in Sarasota, Florida, where a congressional race was decided by about 400 votes, with 18,412 undervotes. That’s 18,412 voters who cast votes in other races but not, according to the official results, in that congressional race. Among voters who used the ES&S iVotronic machines – that is,…
-
Record Companies Boxed In By Their Own Rhetoric
Reports are popping up all over that the major record companies are cautiously gearing up to sell music in MP3 format, without any DRM (anti-copying) technology. This was the buzz at the recent Midem conference, according to a New York Times story. The record industry has worked for years to frame the DRM issue, with…
-
Wikipedia Leads; Will Search Engines NoFollow?
Wikipedia has announced that all of its outgoing hyperlinks will now include the rel=”nofollow” attribute, which instructs search engines to disregard the links. Search engines infer a page’s importance by seeing who links to it – pages that get many links, especially from important sites, are deemed important and are ranked highly in search results.…
-
Diebold Shows How to Make Your Own Voting Machine Key
By now it should be clear that Diebold’s AccuVote-TS electronic voting machines have lousy security. Our study last fall showed that malicious software running on the machines can invisibly alter votes, and that this software can be installed in under a minute by inserting a new memory card into the side of the machine. The…
-
AACS: Modeling the Battle
[Posts in this series: 1, 2, 3, 4, 5, 6, 7.] By this point in our series on AACS (the encryption scheme used in HD-DVD and Blu-ray) it should be clear that AACS creates a nontrivial strategic game between the AACS central authority (representing the movie studios) and the attackers who want to defeat AACS.…
-
AACS: Sequence Keys and Tracing
[Posts in this series: 1, 2, 3, 4, 5, 6, 7.] This is the sixth post in our series on AACS, the encryption scheme used for HD-DVD and Blu-Ray discs. It’s time to introduce another part of AACS: the Sequence Key mechanism. Throughout our AACS discussion, we have done our best to simplify things so…
-
AACS: Title Keys Start Leaking
[Posts in this series: 1, 2, 3, 4, 5, 6, 7.] Last week we predicted that people would start extracting the title key (the cryptographic key needed to decrypt the contents of a particular next-gen DVD disc) from HD-DVD discs. Indeed, it turns out that WinDVD, a popular software player that runs on PCs, leaves…
-
AACS: Game Theory of Blacklisting
[Posts in this series: 1, 2, 3, 4, 5, 6, 7.] This is the fourth post in our series on AACS, the encryption scheme used for HD-DVD and Blu-Ray discs. We’ve already discussed how it’s possible to reverse engineer an AACS-compatible player to extract its secret set of device keys. With these device keys you…
-
AACS: Blacklisting, Oracles, and Traitor Tracing
[Posts in this series: 1, 2, 3, 4, 5, 6, 7.] This is the third post in our discussion of AACS, the encryption scheme used for HD-DVD and Blu-Ray discs. Yesterday Ed explained how it is possible to reverse-engineer a player to learn its secret device keys. With the device keys, you can extract the…
-
AACS: Extracting and Using Keys
[Posts in this series: 1, 2, 3, 4, 5, 6, 7.] Let’s continue our discussion of AACS (the encryption scheme used on HD-DVD and Blu-Ray discs) and how it is starting to break down. In Monday’s post I gave some background on AACS and the newly released BackupHDDVD tool. Recall that AACS decryption goes in…