phil-news-nospam@[EMAIL PROTECTED]
wrote:
> On Sun, 04 May 2008 15:54:28 -0500 Jer <gdunn@[EMAIL PROTECTED]
> wrote:
>
> | Another old adage I remember is "the devil's in the details" and those
> | details may be embedded in the additional un-GPL code they use on
their
> | DVR, hence their mention of that potential somewhere on that same
page.
> | I didn't figure it would take long to get in way over my head on
this. :)
>
> Of course their application code could be non-GPL. Certainly their keys
> will be hidden.
>
> They do warn that one should not build and load from what is available
for
> download as it will make the receiver non-functional. Of course it
won't
> function if all you have is a kernel and no programs to run. But what
that
> suggests to me is that it is _possible_ to load firmware. What I don't
know
> is how far they would go to ensure users cannot alter things. I do know
how
> to make it terribly hard to do. But if they didn't come up with good
ways
> to block it, maybe I could take the firmware they do have and _add_ my
own
> programs to it. Their whole encryption scheme on the birds is
vulnerable,
> so who knows about this. Managers do too often make technical decisions
> they are just not qualified to make, and when it involves security,
things
> become easy targets.
>
This reminds me of the Seinfeld episode when Kramer wanted to help Jerry
keep track of his cufflinks, so Kramer put the cufflinks in his new
strongbox. Hiding the strongbox key in the food dish of a neighbor's
bird cage, the bird presumably ate the key and died, and was buried in a
pet cemetery. When Jerry needed his cufflinks, he and Kramer went to
dig up the bird to get the key. Unsuccessful, they returned to the
apartment, whereby George came in, saw the strongbox, presumed it was a
new picnic cooler, and opened it by simply lifting the lid. The manager
of the strongbox (Kramer) never locked it in the first place.
--
jer
email reply - I am not a 'ten'
|
