Thread: Nokia is under pressure from Silicon Valley
View Single Post
voidster is offline voidster
2010-02-27 , 23:32
Posts: 6 | Thanked: 4 times | Joined on Jan 2010
#75
Originally Posted by wmarone View Post
Usually whereby the open source kernel is signed, such that:
- The system will not boot if the wrong kernel is in place
- The system will disable DRM if the wrong kernel is in place.

DRM as required (err, petulantly demanded) by 3rd parties, generally requires top down security such that the:

TPM chip trusts the
boot loader which trusts the
kernel which trusts the
application

And if anything along that chain is broken the DRM can be compromised. Anything else is just intense obfuscation that can be broken by those with the necessary time (see AACS and software BD players.)
I am not very knowledgeable regarding DRM solutions for ME. This signing of the kernel - does it apply to kernel modules as well. I would assume it does as they are not in user space?

I would pretty much be willing to accept restrictions regarding the bootloader and the kernel in itself as I've never really done anything in those areas. The modules are a different as they pretty much limit what you have support for.