I agree... the biggest failure in the technology is the remaining
weekness to Ananlog attacks such as taking a picture of protected
content on a screen. I cant even say that I personally totaly buy into
this technology but for some groups in the company I work for, this
technology is ideal and satisifies a regulatory need that exists. No one
technology is the holy grail for securing your environment. What we have
are many small pieces that you put together to come up the most complete
solution possible.
As far as copy in paste to a document, If you choose the right
technique for rights managed content, you can also protect content that
is copied from one doc to another while also keeping a running audit
trail of how the document is being accessed no matter where it goes. I
believe this technology has a long way to go but we are seeing a fine
start.
Just as a
-----Original Message-----
From: Jimi Thompson [mailto:jimi.thompson (at) gmail (dot) com [email concealed]]
Sent: Saturday, November 20, 2004 1:23 AM
To: Thompson, Tichard
Cc: Lists; focus-ms (at) securityfocus (dot) com [email concealed]
Subject: Re: Microsoft rights management server alternativeses.
The DRM stuff is all a seriously bad joke that's been played out on
management. You still have to TRUST the people that work there. If I
can display it on my screen, no matter what else fails I can get my
nifty camera and take a photograph of the document or whatever I'm not
supposed to be able to pass around. If I can play it through my
speakers or headphones, I can whip out my trusty old casette recorder
and tape it. Where's your DRM then? Neither of these are
particularly high-tech approaches and are well within the reach of the
average schmoe.
Further more, if I have sufficient rights to open a document, let say
that I copy and paste from the contents of your DRM document into a
new document. How do you track the rights to that? It's better to
be loyal to your employees so that they are loyal to the company and
don't want to sell you out to begin with. More software isn't going
to fix that.
2 cents,
On Thu, 18 Nov 2004 14:06:11 -0500, Thompson, Tichard
<tichard.thompson (at) pharma (dot) com [email concealed]> wrote:
> Checkout LiquidMachines which is a stand alone product and also
> works with an existing RMS infrastructure. Also look at Authentica.
> Their solutions are a lot better as well as being a lot more
expensive.
>
> T.J CISSP
>
> -----Original Message-----
> From: Lists [mailto:sakaba (at) alexandria (dot) cc [email concealed]]
> Sent: Friday, November 12, 2004 7:30 PM
> To: <focus-ms (at) securityfocus (dot) com [email concealed]> <focus-ms (at) securityfocus (dot) com [email concealed]>
> Subject: Microsoft rights management server alternatives
>
> Hi everyone,
>
> I am looking into rolling out a solution like microsoft rights server
> that can encrypt files and assign decrypt rights. I know of Hibun in
> Japan as well by Hitachi and was wondering if anyone was using
anything
> else.
>
> Regards,
> sakaba
>
>
------------------------------------------------------------------------
weekness to Ananlog attacks such as taking a picture of protected
content on a screen. I cant even say that I personally totaly buy into
this technology but for some groups in the company I work for, this
technology is ideal and satisifies a regulatory need that exists. No one
technology is the holy grail for securing your environment. What we have
are many small pieces that you put together to come up the most complete
solution possible.
As far as copy in paste to a document, If you choose the right
technique for rights managed content, you can also protect content that
is copied from one doc to another while also keeping a running audit
trail of how the document is being accessed no matter where it goes. I
believe this technology has a long way to go but we are seeing a fine
start.
Just as a
-----Original Message-----
From: Jimi Thompson [mailto:jimi.thompson (at) gmail (dot) com [email concealed]]
Sent: Saturday, November 20, 2004 1:23 AM
To: Thompson, Tichard
Cc: Lists; focus-ms (at) securityfocus (dot) com [email concealed]
Subject: Re: Microsoft rights management server alternativeses.
The DRM stuff is all a seriously bad joke that's been played out on
management. You still have to TRUST the people that work there. If I
can display it on my screen, no matter what else fails I can get my
nifty camera and take a photograph of the document or whatever I'm not
supposed to be able to pass around. If I can play it through my
speakers or headphones, I can whip out my trusty old casette recorder
and tape it. Where's your DRM then? Neither of these are
particularly high-tech approaches and are well within the reach of the
average schmoe.
Further more, if I have sufficient rights to open a document, let say
that I copy and paste from the contents of your DRM document into a
new document. How do you track the rights to that? It's better to
be loyal to your employees so that they are loyal to the company and
don't want to sell you out to begin with. More software isn't going
to fix that.
2 cents,
On Thu, 18 Nov 2004 14:06:11 -0500, Thompson, Tichard
<tichard.thompson (at) pharma (dot) com [email concealed]> wrote:
> Checkout LiquidMachines which is a stand alone product and also
> works with an existing RMS infrastructure. Also look at Authentica.
> Their solutions are a lot better as well as being a lot more
expensive.
>
> T.J CISSP
>
> -----Original Message-----
> From: Lists [mailto:sakaba (at) alexandria (dot) cc [email concealed]]
> Sent: Friday, November 12, 2004 7:30 PM
> To: <focus-ms (at) securityfocus (dot) com [email concealed]> <focus-ms (at) securityfocus (dot) com [email concealed]>
> Subject: Microsoft rights management server alternatives
>
> Hi everyone,
>
> I am looking into rolling out a solution like microsoft rights server
> that can encrypt files and assign decrypt rights. I know of Hibun in
> Japan as well by Hitachi and was wondering if anyone was using
anything
> else.
>
> Regards,
> sakaba
>
>
------------------------------------------------------------------------
> ---
>
------------------------------------------------------------------------
> ---
>
>
------------------------------------------------------------------------
---
>
------------------------------------------------------------------------
---
>
>
--
Thanks,
Jimi
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
[ reply ]