So the thought is pretty simple.
A monofunction PCB that when power is supplied from the HDMI, generates a private key signature, displays it as a QR code for a few moments, then plays whatever video is stored on nand.
The QR code confirms the legitimacy or official-ness of the copy.
Encourage copying, modifying, as well as redistributing the content. However build a culture of the 'Unpause-able Player Stick':
Friends should still feel obligated to support the art through peer pressure to use one of these sticks that can prove its legitimacy, during ritualistic communal watchings.
Airgapped for security and durability (viruses can still damage hardware after all)
Sounds interesting. This sounds like a bit of 'how'. The 'why' is alluded to in the title but not so much in the body.
I can understand DRM-free to allow more freedom to user. What I'm missing is more of what advantages the user reaps from using this device. Does the user purchase, rent, or borrow the stick? Who can load content onto it?
What problem(s) does it solve?
What do you mean by "Merch Alternative"?
The advantage is social, stating "I've supported this art, this stick generates the QR code that proves that"
"Merch Alternative" I mean like instead of DRM Blu-rays or DVDs etc.
The device being airgapped so that the only input is power, should socially suggest that one can't be tampered with or forged (i.e. by extracting a signing key).
This solves the problem that many aren't reminded of the importance of supporting artists that create the art that they use. It adds an element to the conversation that helps individuals find an excuse to remind each other to pay monetary tribute to source artists (including film makers, animators, audio book authors, etc).
As a dual function, the signing key could serve as a cryptocurrency wallet. So simultaneously while checking the authenticity of one friend's contribution, the friend that's doing the checking can also make a contribution so as not to appear hypocritical.
> "Merch Alternative" I mean like instead of DRM Blu-rays or DVDs etc.
Blu-rays and DVDs are essentially dead tech at this point. I have a hard time even giving away free DVDs anymore because people don't have players.
On 7/22/18, Stephen Paul Weber singpolyma@singpolyma.net wrote:
Blu-rays and DVDs are essentially dead tech
This depends highly on the region.
Most fictional media still grossly depends on the sale of DVDs and Blu-rays, where-ever marketing for such merch turns out effective. (i.e. Japan, major cities with relevant clubs, etc)
Consider how much film still doesn't exist on streaming services, and only get royalties from broadcasts and DVD sales. Many truckers for example most of whom stay many nights alone in motels between drop-sights, feel perfectly obliged to surrender an hour's wage to a convenience story in exchange for a promising unacclaimed feature film to fall asleep to once or twice a week.
https://www.the-numbers.com/weekly-dvd-sales-chart
The monetary contribution per fan, can swing an absurdly wild standard deviation. The very concept of merchandise means subsidizing an art with the sale of trinkets which creatively remind of that art. The cycle can be self-perpetuating when other's who are reminded then go and feel they need more reminders. This gets to be were collectable clocks, dolls, posters, mugs, postcards, shirts, blankets, backpacks, etc, gets wildly overdone.
At the end of the day, this is just a throwback and re-imagining of the old DVD/VHS shelf. A physical location a person would go to see their options of what to watch side-by-side, to pick them out, to look at the cover and decide if the mood fits the situation.
Instead of a shelf, these sticks could go in a pot in on a coffee table, in front of a couch, next to a bed, or, if someone was feeling particularly disruptive and monetarily carefree, next to the front door to give away or tossed to an audience at a convention, or perhaps over or under the main counter at a library.
I just want to take a moment to appreciate how wasteful the consumerism I just described is, from packaging to raw minerals to predictable global drama maintaining game theory which enables sourcing of these materials from "pre-warp civilizations". I'm not condoning this type of economic behavior, however merely commenting this is how global culture is and, if we want to minimize that, we have to start "similar but different" and move gradually where we would like to be from there.
The tricky part is that every attempt "similar but different" before has been historically co-opted and lost its original sense of direction. (which few people appreciate the risk of losing themselves to the sheer complexity of the world, even when conclusions derived from naivety ironically turn out more accurate to reality than conclusions derived after having encountered many more parts of the world already [ this can be since the more naive one more easily takes the role of an isolated observer, than one who has talked personally or had personal dealing with many different cultures. Much like the blind leading the blind. ])
The advantage is social, stating "I've supported this art, this stick generates the QR code that proves that"
I still don't understand in how your device is supposed to state that.
All you have in your device is a bit-stream which the end-user can't trust, so in order to validate any kind of cryptographic data, you'd need some external "trusted" reference (PGP public keys, TLA certs, ...). At that point, the external verifier could just as well read the whole bitstream on its own (i.e. use a standard USB flash stick where you store the data and a signature alongside), couldn't it?
As for "displays it as a QR code", if it's displayed on the screen where the video is being played, then it's trivial to fake by putting the QR image in the video itself.
This solves the problem that many aren't reminded of the importance of supporting artists that create the art that they use.
You don't seem to live in the same world as mine: in my world, the MPAA and other control-obsessed profiteers spend millions of dollars reminding people of that as an excuse for their DRM abuses.
Stefan
On Jul 22, 2018, at 16:48, Jean Flamelle eaterjolly@gmail.com wrote:
The device being airgapped so that the only input is power, should socially suggest that one can't be tampered with or forged (i.e. by extracting a signing key).
One fly in the ointment is that, at least according to my understanding, power on the HDMI is part of VESA (Video Electronics Standards Association) DDC (Display Data Channel) support. As such the power is supplied by the video signal source which is the I2C bus master on the DDC bus. This applies to all of the incarnations of VESA DDC on VGA, DVI, and HDMI.
Thus, in order for us to be able to use the HDMI power pin as an input, we need to be connecting that pin to some other HDMI signal source (computer, DVD player, Blu-ray player, et cetera). Hence our smallest form factor for HDMI-only connections would be an HDMI(male)-HDMI(female) adapter to plug in between an HDMI source (as above, for power) and an HDMI sink (monitor, television, projector, et cetera). For convenience, I recommend connecting between the HDMI source and the HDMI cable going to the HDMI sink.
Another option would be to use a USB connection for power. Not as elegant as the HDMI stick but USB power is relatively ubiquitous for charging mobile devices. And it doesn't require a separate HDMI source just for power. In fact, a lot of televisions with HDMI ports also sport USB ports so a USB cable would be sufficient.
Furthermore, if power is truly our only input we'll have a hard time sending out a signal which is compatible with a wide range of displays unless we choose the lowest common resolution/color depth. We could adapt to the best display mode that the display offers, and that our board can generate, if we connected to the bi-directional VESA DDC bus and read the display's capabilities.
Richard
On Tue, Jul 24, 2018 at 4:41 PM, Richard Wilbur richard.wilbur@gmail.com wrote:
One fly in the ointment is that, at least according to my understanding, power on the HDMI is part of VESA (Video Electronics Standards Association) DDC (Display Data Channel) support.
As such the power is supplied by the video signal source which is the I2C bus master on the DDC bus. This applies to all of the incarnations of VESA DDC on VGA, DVI, and HDMI.
it's also only a maximum of something like 400mA.
l.
Stefan:
All you have in your device is a bit-stream which the end-user can't trust
Not really, since (hopefully) they buy the device through trusted channels (i.e. a local store with cash).
The cryptographic key, (hopefully) proves that the device was flashed by the makers of whatever video is loaded on the device, and maybe is linked to a bitcoin address or something to donate.
The assumption here remains, all content on the device is "free culture".
rhkramer:
Where is the nand (on which the video is stored) -- is it on this stick, or is this sort of a multi-use stick that can check the video on other media for "compliance" with DRM?
Not a compliance thing; yes---unfortunately---this incentivizes excess/waste. As Richard said:
It seems to me that a lot more variety of materials will be required to make one of these sticks than an optical disc which is mostly one type of plastic. That would seem to make the stick more difficult to recycle than the disc.
However:
If the stick can't be loaded with new content, then its use cycle will be closer to a non-rewritable optical disc.
Optimally, the device could be re-flashed.. only the cryptographic key would need to be "write-only", preferably with erasure triggered by any change to the video storage.
Stefan:
You don't seem to live in the same world as mine: in my world, the MPAA and other control-obsessed profiteers spend millions of dollars reminding people of that as an excuse for their DRM abuses.
Yes, but we want to do away with that, correct? So we need to replace that with a more ethical procedure, one which allows cultural content to be "free as in freedom" while simultaneously ensuring such cultural content actually exist in a quality and quantity which allows earthlings to say they actually have a set of cultures. Moreover creativity and ideas spread, so inventive non-destructive conflict perpetuates with the culture and we don't descend into an amoral anarchy with theft and violence just because struggle to find meaning without theft and violence.
Free culture without the moral imperative of "get as much culture as we can possibly get" would be a pretty shallow ethic, from my pov.
Richard:
How do we "encourage copying, modifying, as well as redistributing the content" from an 'Unpause-able Player Stick' that has "air-gap" security?
The security bit is for the private key and hardware integrity. The 'unpause-able' bit adds to that, however more critically makes the nature of device immediately recognize-able and encourages use for social events.
Richard:
What is the utility of making it 'Unpause-able'? That was always one of the advantages I saw to having user control: you can adapt the viewing experience to the realities of your life.
If someone can simply copy the stream onto whatever other device, then the restriction is basically self-imposed.
Playing upon power-on, without pause, and allowing no scrolling through the stream, would make this "play stick" a cold arbiter for social gatherings, so participants can focus on the event or whatever the video shows them rather than viewing it all with as minimal overlap as possible or knowledge gaps.
The assumption remains that, if someone is leaving the area, any argument had over pausing or rewatching what they had missed should be instantly moot, unless they feel they can push the point to rewatch from the beginning.
If the video is paused, then someone is waiting for someone else. Not fun. Low-brow party etiquette. Having differing knowledge gaps between participants of the gathering, incentivizes using conversation rather than technology to fill in those gaps.
if power is truly our only input we'll have a hard time sending out a signal which is compatible with a wide range of displays
This bit is depressing. Bitstreams should be rendered as vector graphics, and monitors should have built-in chips to do whatever conversions are necessary to get the pixels to light.
Sort of a digital credits meta-data list.
I see where you are going with this. Someone could separate the audio, between x and x frames too and apply credits to that portion of the over all file. Still images, as you mentioned, could be the same way.
Clever, I vote converting all video bitstreams to animated vector graphics takes 100% priority!
+1 internet
Hezzah!
All you have in your device is a bit-stream which the end-user can't trust
Not really, since (hopefully) they buy the device through trusted channels (i.e. a local store with cash).
If they trust the channel, then what additional guarantee does the "cryptographic key" provide?
The cryptographic key, (hopefully) proves that the device was flashed by the makers of whatever video is loaded on the device, and maybe is linked to a bitcoin address or something to donate.
"Cryptographic key" is much too vague for the above to really make sense.
A "cryptographic key" is just that: a key. If I sell you a car along with its key, it doesn't prove I haven't stolen the car (e.g. because I stole the key at the same time, or I changed the lock).
The assumption here remains, all content on the device is "free culture".
Then why not just add a "Free Culture" blurb at the beginning of the video promoting the idea, and be done with it?
Using any kind of method to try and prove authenticity, is counter productive: at best it legitimizes the hoops to have to go through with DRM-protected crap.
Yes, but we want to do away with that, correct? So we need to replace that with a more ethical procedure, one which allows cultural content to be "free as in freedom" while simultaneously ensuring such cultural content actually exist in a quality and quantity which allows earthlings to say they actually have a set of cultures. Moreover creativity and ideas spread, so inventive non-destructive conflict perpetuates with the culture and we don't descend into an amoral anarchy with theft and violence just because struggle to find meaning without theft and violence.
You're thinking just like the MPAA teaches people to think.
iTunes's music (as well as loads of other music services, like Bandcamp) seems to prove that the problem DRM claims to want to solve doesn't exist.
Thinking that these social problems can be solved via technical means is exactly what got us DRM.
Stefan
I think the best way to support free culture is to find artists that are making it a support them, via sites like liberapay or patreon. The issue here is *not* technical. As Stefan is saying, this is exactly the sort of thinking that got us DRM.
Again, find free culture creators and support them (or create some yourself) if you want free culture to grow. Anything else isn't going to do much to change the current situation.
But is it not also an issue of them finding us?
We talk for granted that we are all part information researchers. We are justly capable of elaborate standalone complex organized searches through the internet for talent and meaningful message.
This not even a tenth of the population involves themselves with, as when was the last anyone saw a piece of media content with more than a million likes and compare that with when anyone has seen a piece of media content with more than 10 million views.
The reality remains very few people have the ability, much less the willingness to seek out artists that they could feel deserve their support.
As much as marketing should NOT stay a service offered in exchange for fiat (money), the technology for gratis media curation on a large scale does not exist. Sybil (reputation) systems still depend too much on healthy majorities and can't guess the thoughtfulness (or impulsiveness) of a rating given by a user. (Newgrounds.com attempts this by measure quantity rather than quality of experience as a reviewer)
Unless artists have the ability to really shove their donate buttons in the faces of regular people, libre models won't scale properly.
This remains why patreon advanced our ideological position without doing any more than what paypal was already doing for cheaper. Having a cryptographic key signature, sounds like fancy technology, but all it replaces is a serial number and an on-screen paypal link. The point remains not what technology is used, but how we organize reminders and notices in our economy. Not everyone is a researcher, some people do in fact depend on notices from abstract entity like "the government".
If all someone has to do to donate to an artist, is scan an extra QR code at checkout or ask to have their cash converted to cryptocurrency as a part of the store facilitating their donation, and all the store has to do is complete that conversion, plug in the play stick into a device that expects the first frame of the video to be a QR code signature, and transfer the cryptocurrency to that artists wallet, then this makes it so someone doesn't even need a computer to donate to the arts (which they would need to use liberapay or patreon, at least until liberapay implements their api).
If all someone has to do to donate to an artist, is scan an extra QR code at checkout or ask to have their cash converted to cryptocurrency
So, IIUC you're suggesting the QR to be a (hopefully reliable) way to find the author so as to be able to give him money?
I can see why that would be nice, but I don't understand what the cryptography is about (i.e. how will it increase the trustworthiness of the QR)?
How would you detect that someone took that video, removed the author's (cryptographic) signature, and put his own (cryptographic) signature on it? Signatures are not useful for that. You'd need something more like "watermarks", but here again the benefit is likely much smaller than the harm.
Better just slap a URL/QR inside the video as part of the opening/closing credits.
Also instead of watermarks you could try and develop a kind of registration/certification body, so when the end-user wants to donate to A for the movie M, the donation site could warn the user "hmm... according to <foo>, movie M was not directed by A but by B, do you still want to donate to A?"
Stefan
It proves the device was loaded by the owner of that private key. That individual can accept accountability for whatever materials exist on that device, indemnifying whatever vendor sells or makes available the device (i.e. a library).
If content on the device isn't properly attributed or is non-free used without permission, then governments can investigate the owner of that private key in reliable faith that that individual distributed that content unless their private key was stolen.
I'm not supporting that copyright should exist even as an option to those who would like to restrict the yields of their creative efforts, however the economic reality we face includes a lack of social infrastructure for libre artists to mass-distribute the yields of their efforts as well as for individuals to calculate their fiscal honor-obligation to these artists. When talking about these kinds of large scales over-paying artists remains a real possibility with negative consequences all around (including to the artist [consider how winning the lottery affects many in poverty] ). I don't think I'd be the first to suppose that Star Citizen was "too" successful in their fundraising, and feeling an obligation to develop the game quickly hiring too much help, too quickly diluting their original vision. Rigorous attribution enables libre support models: without it, one can only blindly support and hope artistic yields come about. Besides that, transitions to libre support must ensue gradually and old models can't immediately drop out of existence. While artists transition someone needs to accommodate both toxic copyright models as well as healthy libre models. <b><i>One does not simply get a smoker to stop smoking by depriving them of smokes.</b></i>
This necessary infrastructure should add up to retailers getting used to the idea of facilitating donations.
one thing ive wondered about is a https for payment address. so you know the crypto currently address or fait payment info is verified for that person. like you know a https site is the site it says it is.
On 7/27/18, Alexander Ross maillist_arm-netbook@aross.me wrote:
one thing ive wondered about is a https for payment address. so you know the crypto currently address or fait payment info is verified for that person. like you know a https site is the site it says it is.
A blockchain dao could be setup for people to sign public keys that they confirm. If a large number of people have confirmed one key belongs to one particular person, then the key should be trustworthy, unless something bad happens and people start revoking.
On Jul 22, 2018, at 15:11, Jean Flamelle eaterjolly@gmail.com wrote:
A monofunction PCB that when power is supplied from the HDMI, generates a private key signature, displays it as a QR code for a few moments, then plays whatever video is stored on nand.
The QR code confirms the legitimacy or official-ness of the copy.
This sounds similar, in concept at least, to something like a GPG signature over the presentation content. The processing to calculate the signature over a feature-length high-definition video (Blueray movie ~15-25GB[max single layer])[1] to verify authenticity is significant. I would recommend implementing the algorithm in FPGA (eventually ASIC?) to speed the calculation. I don't know what calculation time would be acceptable. We can probably buy some user patience with a real, honest, linear-response progress bar and possibly a countdown timer. Let's say we have NAND read rates that allow us to pull 1GB/s into the signature processor and we can process data as fast as it arrives. That would give us 1s of calculation time for every 1GB of content or 15-25 seconds to calculate the QR code.
Samsung has a 32GB chip with a high-speed serial interface capable of 880MB/s in sequential reads.[2] That's ~88% of the speed we talked about above. (25GB transfer in 28.4s) And it is in mass production!
The size sounds good, too: 11.5x13x1.2mm
(I had some time to burn while riding around with my family to different appointments and waiting while the girls were in lessons.)
Richard
References: [1] https://en.m.wikipedia.org/wiki/Blu-ray [2] https://www.samsung.com/semiconductor/estorage/eufs/
On 7/23/18, Richard Wilbur richard.wilbur@gmail.com wrote:
I would recommend implementing the algorithm in FPGA (eventually ASIC?)
Added to my bottomless list of stuff to do that requiring skills I hope to acquire. Sounds like an incredibly simple enough project to learn HDL while doing.
I appreciate the answer : D
I don't think I understand (even though I read all the followups in the thead up to Stefan Monnier's post of Tue Jul 24 08:27:30 2018, so I've added some comments / questions below:
On Sunday, July 22, 2018 05:11:28 PM Jean Flamelle wrote:
So the thought is pretty simple.
A monofunction PCB that when power is supplied from the HDMI, generates a private key signature, displays it as a QR code for a few moments, then plays whatever video is stored on nand.
The QR code confirms the legitimacy or official-ness of the copy.
Where is the nand (on which the video is stored) -- is it on this stick, or is this sort of a multi-use stick that can check the video on other media for "compliance" with DRM?
Encourage copying, modifying, as well as redistributing the content. However build a culture of the 'Unpause-able Player Stick':
What do you mean by unpause-able? Do you mean you couldn't pause the video and restart it?
Friends should still feel obligated to support the art through peer pressure to use one of these sticks that can prove its legitimacy, during ritualistic communal watchings.
Airgapped for security and durability (viruses can still damage hardware after all)
arm-netbook mailing list arm-netbook@lists.phcomp.co.uk http://lists.phcomp.co.uk/mailman/listinfo/arm-netbook Send large attachments to arm-netbook@files.phcomp.co.uk
On Jul 22, 2018, at 15:11, Jean Flamelle eaterjolly@gmail.com wrote:
Encourage copying, modifying, as well as redistributing the content.
By this do you mean an unencrypted output over HDMI (without HDCP in other words)?
However build a culture of the 'Unpause-able Player Stick':
How do we "encourage copying, modifying, as well as redistributing the content" from an 'Unpause-able Player Stick' that has "air-gap" security?
Who can copy, modify, or redistribute the content?
What is the utility of making it 'Unpause-able'? That was always one of the advantages I saw to having user control: you can adapt the viewing experience to the realities of your life.
It seems to me that a lot more variety of materials will be required to make one of these sticks than an optical disc which is mostly one type of plastic. That would seem to make the stick more difficult to recycle than the disc. If the stick can't be loaded with new content, then its use cycle will be closer to a non-rewritable optical disc.
What if we created an open video format that allowed sections of a work to be attributed to the original author/creator? Sort of a digital credits meta-data list. Could also be useful for still images, audio, and possibly other media. A method to identify some portion of the whole work and record attribution information.
Editing tools would be very useful in managing this data.
arm-netbook@lists.phcomp.co.uk
-
Alexander Ross -
Jean Flamelle -
Louis Pearson -
Luke Kenneth Casson Leighton -
rhkramer@gmail.com -
Richard Wilbur -
Stefan Monnier -
Stephen Paul Weber