[Dtb-talk] iPhone/iPad/iPod touch NLS Playback question

Flint Million fmillion at gmail.com
Tue May 18 01:38:56 UTC 2010


The loss of one stream does not impact the scheme in and of itself.
Even a stream containing the NLS master keys will not inherently
compromise the security of the system. Read on.

An iPhone/iPod touch/iPad - as well as the Stream, the NLS DTBM, the
BookSense and everything in between - actually is just a little
computer. At the core of an iDevice is a BSD-based UNIX box with a
filesystem with software on it. Apple's software, however, offers you
no way to access this filesystem directly. This sounds like a good
platform for NLS playback because it is a closed system and data can
be protected from user access. The major problem with iDevices is that
there are these little hacks called jailbreaks which open up the
entire device. With a jailbreak, you can literally pop up a terminal
right on your iPhone and navigate around the filesystem just like
you're in Linux or DOS. Once you're in there, anything is fair game
for extraction and distribution - including key files, which is the
problem.

The Stream is Linux-based and just like the iDevices has a hidden
filesystem containing all of the software that drives your stream -
and also presumably contains the installed keys. Of course, if people
REALLY wanted to, they could probably find ways to "jailbreak" the
Stream and gain access to its root filesystem. If this were to happen,
it would be just as vulnerable to key extraction as an iPhone.
Thankfully, there is little interest in doing this. Let's all hope it
stays that way.  A lost Stream could certainly play NLS titles, but it
will not compromise the NLS security because its keys are still as
protected as when the original owner had it.

Why not use a phone-home system to determine key invalidation? I can
think of a few reasons. First, we need to be able to INTERACT with
other devices that do not have the ability to phone home - Streams,
NLS DTBMs and so on. It would require additional effort to produce
"iPhone-specific" versions of every title - not to mention doubling
storage space requirements. If a device cannot phone home, it must
always assume keys remain valid. New keys can be added, but old keys
will remain active for a considerable amount of time.  For a
comparison, DVD players typically do not have an Internet connection.
DVDs are encrypted with keys that are specific to the movie studios,
which each manufacturer who is approved installs into their players -
including software players. In case you didn't know, the DVD scheme
has been cracked wide open - because the keys were extracted from
computer DVD playback software.

Therefore NLS's lifeline is those keys. If those keys get out, they
have to redo their ENTIRE library with a new key set, AND at the same
time somehow get that new key set to EVERY single user of EVERY single
player - NLS DTBM or otherwise. It's a huge undertaking. I can
certainly see why they want to protect those keys!

I also second the idea that the NLS, being a government funded public
organization, must be more diligent in its mission to protect the
interests of publishers. A public organization can be killed much more
easily than a privately funded one. While I seriously doubt the NLS
would ever be completely shut down, what could happen is that the
entire digital system would be withdrawn - or at least the right to
use ANY device except their own players.

I digress though. Discussing the technical aspects of this is
interesting, but the issue still at hand is whether the NLS will ever
support a mainstream device for content playback. I personally do not
see it happening because of the technical reasons we've all discussed.

fm

On Sun, May 16, 2010 at 8:18 PM, Greg Kearney <gkearney at gmail.com> wrote:
> It would be done just as HumanWare does it now. With the Stream you contact HumanWare who then verifies your status with the NLS and then sends back to you the authorisation key for your Stream. Anyone can buy a stream but only NLS users can get the key to play NLS books in one.
>
> In the case of the iPhone you would contact us, we would verify the user with the NLS the same way HumanWare does and send back to you the authorisation key tied to your particular phone. In theory anyway it would be possible to have the phone check on occasion to make sure the key was still authorised by the NLS for use and deactivate it if it was not.
>
>
> Gregory Kearney | Manager Accessible Media
> Association for the Blind of WA - Guide Dogs WA
> PO Box 101, Victoria Park WA 6979 | 61 Kitchener Ave, Victoria Park WA 6100
> Tel: 08 9311 8246 | Fax: 08 9361 8696 | www.guidedogswa.com.au
> Tel: 307-224-4022 (North America)
> Email: greg.kearney at guidedogswa.com.au
> Email: gkearney at gmail.com
>
> On 17/05/2010, at 8:58 AM, Mike Freeman wrote:
>
>> Who's gonna do the activation/deactivation?
>>
>> Mike
>>
>> ----- Original Message ----- From: "Greg Kearney" <gkearney at gmail.com>
>> To: "Discussion of Digital Talking Books" <dtb-talk at nfbnet.org>
>> Sent: Sunday, May 16, 2010 5:04 PM
>> Subject: Re: [Dtb-talk] iPhone/iPad/iPod touch NLS Playback question
>>
>>
>>> Is not the loss of even one NLS authorised Stream to an outside entity or person a breach of the security of the whole system? As I understand that system it is dependent upon only a few keys the breaching of which imperils the entire scheme.
>>>
>>> In theory at least the iPhone and related devices could be made even more secure than the Stream. The iPhone could, excuse the term here, "phone home" to check if the authorisation keys are still valid. In this way if a phone were to be stolen, lost, sold or if the user simply dies the NLS key in the phone could be deactivated.
>>>
>>>
>>> Gregory Kearney | Manager Accessible Media
>>> Association for the Blind of WA - Guide Dogs WA
>>> PO Box 101, Victoria Park WA 6979 | 61 Kitchener Ave, Victoria Park WA 6100
>>> Tel: 08 9311 8246 | Fax: 08 9361 8696 | www.guidedogswa.com.au
>>> Tel: 307-224-4022 (North America)
>>> Email: greg.kearney at guidedogswa.com.au
>>> Email: gkearney at gmail.com
>>>
>>> On 17/05/2010, at 5:23 AM, Mike Freeman wrote:
>>>
>>>> I'm on my third Stream also; one had a minor problem that couldn't be fixed; the second was stolen and I'm using the third.
>>>>
>>>> Mike
>>>>
>>>> ----- Original Message ----- From: "David Andrews" <dandrews at visi.com>
>>>> To: "Discussion of Digital Talking Books" <dtb-talk at nfbnet.org>
>>>> Sent: Sunday, May 16, 2010 1:38 PM
>>>> Subject: Re: [Dtb-talk] iPhone/iPad/iPod touch NLS Playback question
>>>>
>>>>
>>>>> Possibly Mike, but I am not sure.  For one reason and another, (one involving the so-called porcelain God,) I am on my third Stream and have registered other machines too.  I am not sure the iPod would be appreciably different.
>>>>>
>>>>> Dave
>>>>>
>>>>> At 01:41 PM 5/16/2010, you wrote:
>>>>>> One more thought:
>>>>>>
>>>>>> Devices such as the iPhone become obsolete much more quickly than adaptive tech for the blind. So you'd constantly be registering your new iPhones. Impractical to my way of thinking.
>>>>>>
>>>>>> Mike
>>>>>
>>>>>                       David Andrews:  dandrews at visi.com
>>>>> Follow me on Twitter:  http://www.twitter.com/dandrews920
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Dtb-talk mailing list
>>>>> Dtb-talk at nfbnet.org
>>>>> http://www.nfbnet.org/mailman/listinfo/dtb-talk_nfbnet.org
>>>>> To unsubscribe, change your list options or get your account info for Dtb-talk:
>>>>> http://www.nfbnet.org/mailman/options/dtb-talk_nfbnet.org/k7uij%40panix.com



