------art_14738_30638577.1143779004216
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

It's actually the other way around - can the author of the program trust the
user of the program? Think about a corporate environment where you're
worried about employees hacking your system. In today's SOX compliance
driven world it's not an unreasonable thing to worry about.

DRM can be used for "good" or "evil". In a corporate setting, the user
doesn't own the computer - it's the company's property. So in that case, the
company should be able to define what can and cannot execute on the machine.
So while *today* this isn't a reasonable expectation, in the future having
the ability to lock down a machine so that it only executes code that was
signed by an approved list of certificate holders seems like a really good
way to avoid problems like trusted insiders hacking your system.

-John
http://www.iunknown.com


On 3/30/06, listrecv / gmail.com <listrecv / gmail.com> wrote:
>
> I still don't understand.  Who are you trying to protect - a user from
> running a malicous (or tampered with) ruby script?  If so, as I said,
> this is no different than protecting a user from running a trojan
> compiled file - people either trust the author (and hopefully use code
> signing), or run the code in a sandbox.
>
> In terms of ensuring that only admin's can install the ruby
> executable/interpreter - this is currently impossible, and likely will
> remain so.  Even if you mark your exe/interpreter to require admin
> privs to install, what's to stop anyone else from creating their own
> exe/interpreter without that restriction?  It's essentially the old
> copy protection / DRM issue, which all experts agree can always be
> defeated (at least short of a hardware implementation).
>
>
>

------art_14738_30638577.1143779004216--