[Seth-Trips] iTunes DRM talk, Stanford, Thursday

Fyodor fyodor at insecure.org
Sat Jan 21 13:26:18 PST 2006

On Sat, Jan 21, 2006 at 04:00:47PM -0500, Aaron Swartz wrote:
> "Code Protection and Robustness: A talk about securing the iTunes client"
> Augustin Farrugia, Apple
> The concept of security is a trade-off from what you can accomplish
> and what your cyberspace allows you to implement. In the nutshell, the
> security system protects the assets and it is defined by the
> requirements of a lot of players (1) the asset owner(s); (2) the
> geopolitics; (3) the regulation; and (4) other relevant and irrelevant
> features.

It is interesting that the actual product users who purchase the
media/device don't even qualify as one of the "players" in their
equation.  What happened to businesses caring what their customers

> Any security system cost can be quantified 

Ah, now they are finally talking about the cost to consumers (and to
themselves from lost sales) due to inconvenient and burdensome DRM
restrictions that prevent full enjoyment of their product.  Oh, wait,
that isn't what they are talking about at all ...

> and the cost represents the number of lines for the application versus these
> implemented for the security.

Fyodor (proud to be among the dwindling few who don't own an iPod)

PS: While I may not attend this seminar, some others that the Stanford
Security Laboratory has hosted recently look interesting.  You can
view their calendar and subscribe to their mailing list at
http://crypto.stanford.edu/seclab/sem.html .  Thanks for the link,

More information about the Seth-Trips mailing list