Ex Bibliotheca

The life and times of Zack Weinberg.

Thursday, 17 October 2002

# 7:40 PM

Seth's in top form today. Go read him.

The concept he proposes, "owner override," bears reexamination in the context of the other Seth's point (which Seth linked to at the bottom of his entry). To wit: even if an action is possible, it may be so difficult as to be impractical for most people, and this is generally good enough for the people who don't want the action taken. Owner override makes it technically possible to break many (I hesitate to say "all") of the noxious applications of "trusted computing," but the mechanism is not terribly practical for the average user; you have to have a second computer available, and specialized tools for grovelling through a total memory dump to extract the information you actually want.

Consider remote document revocation, which is one of the most noxious applications: you have a data file on your hard disk which is encrypted. The viewer application consults a remote server over some sort of secure channel, passing it a cryptographic hash of the file and some authenticator; the server chooses whether or not to reply with the decryption key. A "trusted computing" mechanism ensures that the viewer will not reveal the decryption key to the user or allow the decrypted document to be written to permanent media. The document's author can thus decide at any time to deny the key to people who possess the document. To break this mechanism using Seth's owner override, you would need to trigger a memory dump at precisely the right moment, so that the decryption key was in memory, in cleartext (it has certainly been transmitted encrypted). The viewer application can be designed to make this arbitrarily difficult.

I think there's the germ of a good idea in here, though; the concept is the right one, it just needs to be more deeply integrated into the system.

# 7 AM

a partially successful experiment

One of the biggest problems with candle making with molds is uneven cooling. As I described earlier, the candles shrink as they cool, and set up from the outside in, so you risk getting voids in the middle of the candle. It occurred to me that this problem could be alleviated by insulating the upper half of the mold. The wax would then solidify from the bottom up, and there would be no voids; you'd have to top up the mold after awhile, but no more.

So I slapped together an insulating jacket for one of my molds, using one of those cardboard tubes you find at the inside of a roll of paper towels, some foam rubber from the East Bay Depot for Creative Reuse, and a buttload of duct tape. It did have the desired effect - the wax started solidifying from the bottom up. Unfortunately, it slowed down the solidification process bigtime. Worse, the duct tape wicked up some of the wax from the open top of the mold and spilled it down the outside, ruining the jacket.

The concept is sound, but the implementation needs more work.