Users and services is NOT drm, was Re: Few comments after reading Wiki

[Attila Csipa]

On Wednesday 16 May 2007 18:46:03 Ian Stirling wrote:
> I really think you do.
> I want to be able to give this phone to my (hypothetical) employees.
> I do not want skilled lazy, employees able to - for example - edit their
> GPS logs which corroberate the inspections they are required to do.
> This is _not_ DRM that stops the owner of the phone doing stuff.
> It's DRM that stops users of the phone that may or may not be authorised
> users from doing stuff.

I think we have a terminology issue here. How is this thig you call DRM (which 
it isn't really, since it is not dealing with copyright or authoring issues) 
different from a properly prepared unix environment, chroot/chmod/chown and 
all ? To put it another way - you say you want to give this to people but 
want to make sure they are unable to tinker with the data - how is this 
different from a browser using a web server ? You can define users, pages, 
rights, and keep the GPS logging on the server side, which enters the 
points/locations automatically with the report. If your employee can't 
connect to the DB or write as www-data, you are reasonably safe. If you are 
really paranoid, I guess you could employ a crypted filesystem (which you 
mount using an agent so the password is not stored in the device) to make 
sure it doesn't get edited on another machine, but all of this is really 
outside the scope of DRM, which is lawyer stuff - DRM doesn't prevent anyone 
from doing anything - it just gives you a legal base to punish someone who 
does break it. DRM enforcement software is OTOH an (arguably) futile attempt 
to make it harder to do something you are not supposed to do (some will argue 
that it makes it hard to do things you ARE supposed to do).