Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> because Microsoft (the adversary) has the DRM private keys

Let's be clear here. That's a fine point in the generic sense, but in the Signal situation there are no private keys and it's not really DRM.



It kind of is though?

Suppose a third party app wants to make screen captures. Windows prevents it, because otherwise it could do the same thing to Netflix and capture the video. The thing preventing the app from bypassing that constraint is DRM.

Whereas suppose Microsoft wants to distribute an update to the video rendering code in Windows. It will have access to the data on the screen because it's the thing converting it into pixels, so Microsoft signs the new code with their private keys and distributes it to your PC and it gets access to what's on your screen. Which they could also do with code designed to exfiltrate it.


But Signal is not Netflix. Signal is not managing any digital rights with this toggle, and also the user has full control over the toggle.

Also if Microsoft wanted to bypass it they could just ignore the function call, they wouldn't have to do any clever workarounds.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: