#52
Originally Posted by allnameswereout:
No, not necessarily a hacked kernel, actually if it checks checksum right after bootloader that is gonna be a bit hard. Provided it doesn't use CRC32 for that.
The device would be running in "open" mode with the hacked kernel, so the checksum failure is not a problem. The hacked kernel can do anything it wants, including "impersonation" of the locked-down kernel to applications. How applications can determine whether or not they are running in the open or locked environment is anyone's guess now that the system is not deployed yet. Basically, I'm thinking of the use case where you have an app that wants to run in a closed environment, but can be fooled into thinking it has such an environment when in fact it doesn't (so it would store DRM keys to the normal filesystem, etc.).

Originally Posted by allnameswereout:
We're not talking about the average consumer. Or, at least, I am not. I'm talking about a Maemo version of Jon Lech Johansen.

Yep, that's the only "target audience" you need to think of when designing a system like this ;-). We can imagine there will be people with custom hardware trying to hack this thing. Again, hacking doesn't seem to be "required" to use this phone normally (unlike w/ android and iPhoneOS), so I don't care either way.

Originally Posted by allnameswereout:
Since one can (theoretically) run the whole Maemo 5 OS on SBox, the hacker can indeed use a rootkit for QEMU.
SBox doesn't run the target kernel, which is the most important part in a scheme like this, so attacks from this direction are probably ineffective.
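An added illustration of the impersonation problem raised in this post (a constructed model, not Maemo's actual boot chain and not code from the thread): an app that believes the kernel's own "I am locked" claim is fooled by an open-mode kernel, whereas a challenge-response attestation keyed by a secret that the bootloader releases only after the image hash checks out cannot be faked by a kernel that never received that key. The class names, the HMAC scheme and the "license server" verifier are assumptions.

```python
import hashlib
import hmac
import secrets
from typing import Optional

# Constructed model: the bootloader hashes the kernel image and hands the
# device-bound key to the kernel only if the hash matches. An "open mode"
# kernel still boots and runs, but never sees DEVICE_KEY.
TRUSTED_IMAGE = b"constructed: genuine locked-mode kernel image"
TRUSTED_HASH = hashlib.sha256(TRUSTED_IMAGE).digest()
DEVICE_KEY = b"constructed device key, known to bootloader and license server"


class Kernel:
    def __init__(self, image: bytes, device_key: Optional[bytes]):
        self.image = image
        self._device_key = device_key  # None when booted in open mode

    def reports_locked(self) -> bool:
        # Whatever the kernel says about itself: a hacked kernel simply lies.
        return True

    def attest(self, nonce: bytes) -> bytes:
        # A genuine kernel MACs the nonce with the device key; an open-mode
        # kernel has no key, so the best it can do is guess one.
        key = self._device_key or b"guess"
        return hmac.new(key, nonce, hashlib.sha256).digest()


def bootloader_boot(image: bytes) -> Kernel:
    """Release DEVICE_KEY only when the image hash matches TRUSTED_HASH."""
    if hmac.compare_digest(hashlib.sha256(image).digest(), TRUSTED_HASH):
        return Kernel(image, DEVICE_KEY)
    return Kernel(image, None)  # open mode: runs anything, but without the key


def naive_app_trusts_kernel(kernel: Kernel) -> bool:
    """The fooled design: believe the kernel's claim before storing DRM keys."""
    return kernel.reports_locked()


def server_verifies_attestation(kernel: Kernel) -> bool:
    """Challenge-response checked by a license server that holds DEVICE_KEY.
    The app never needs the key itself, so an open kernel cannot read it out."""
    nonce = secrets.token_bytes(16)
    expected = hmac.new(DEVICE_KEY, nonce, hashlib.sha256).digest()
    return hmac.compare_digest(kernel.attest(nonce), expected)


if __name__ == "__main__":
    hacked = bootloader_boot(b"constructed: patched kernel image")
    print(naive_app_trusts_kernel(hacked), server_verifies_attestation(hacked))
```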