I really hate to break this to you, but todays gpu's, can generate every key possiblilty rather quickly. Over a million per stream processor, per second.

My workstation has 3200 stream processors, do the math.

Now gang entire networks of them together.

Your ZDNET article you quoted also mentioned that other forms of encryption with even higher bits have been cracked, but you conveniently left that part out. And that happens to be RSA encryption that was cracked on the universities networks. No super computers involved, a rather small network, and they cracked it.

http://www.zdnet.com/blog/ou/is-encryption-really-crackable/204

Gpu's have proven that moores law does not always apply.

So if you want to stay on the moores law bandwagon, don't even look at how fast the new gpus are.

^my challenge still stands. its an easy $1000 for you :)

BB, I think a lot of people would like that as well.

When it comes to shaders, you know far more about it than most people do.

One of the best parts, is that you share your knowledge with people, that is something you don't see every day. And that has helped many people.

Having a way to add your runtime stuff like that would help a lot of people out.

Quote - It's not absurd and I've actually been thinking about how I might set it up for distributing my own stuff.

I am always tweaking and improving things. People are always trying to stay up to date with my shaders. Thousands upon thousands of people experience one or more of the following:

1. They don't know how to install shaders

2. They don't know how to update shaders

3. They don't know or have troubling unzipping shaders

4. They are unaware that I updated a shader and published new versions

5. They get confused when I post useful variations and then they mix them up and think they're using a particular variant but they're still using the first one they got.

Etc.

Now imagine a different world:

You install "Ted's Magic Cloud Runtime" software.

You activate it to synchronize to my "Bagginsbill-Freebie" runtime - everything I have ever published, already installed properly. Further, as I make new things, I put them in there.

The Magic Cloud software keeps your local copy local, but synchronized so that updates and additions that I put in my runtime show up in your copy automatically.

All you have to do is join the network once in a while and your copy will be updated and instantly ready to work in Poser because it is a full runtime - just like the ones you have now. It's local, not cloud based. The cloud part has to do with distribution, not storage.

I think people would absolutely love this.

 

Quote - I really hate to break this to you, but todays gpu's, can generate every key possiblilty rather quickly. Over a million per stream processor, per second.

My workstation has 3200 stream processors, do the math.

...

Um, that would be 3200 * 1000000 = 3.210^9 keys per second, or in other words, to guess baggingsbills key (who conveniently only seems to use keys consisting of 32 letters and digits as posted above), you need only 36^32 / 3.210^9 / 2 =~ 10^40 seconds on the average. Sounds much easier than a discouraging "billion years", doesn't it?

Quote - Um, that would be 3200 * 1000000 = 3.210^9 keys per second, or in other words, to guess baggingsbills key (who conveniently only seems to use keys consisting of 32 letters and digits as posted above), you need only 36^32 / 3.210^9 / 2 =~ 10^40 seconds on the average. Sounds much easier than a discouraging "billion years", doesn't it?

lol, but your assuming you need every key, you only need the one that unlocks it, which would narrow that down just a tad. The college kids did it with much higher bit length, and it didn't take them long at all. Which took the "billions years" theory and threw it right out the window.

Or you could just assume that they did not do what the proved they did, and hop back on the "billion year" thing.

did what? break 64-bit encryption in a 5 year span using distributed computing?

we are talking 128 bit, 256 bit - each billions of times as strong as the last.

Please don't confuse GPU computations with CPU. Although a GPU can have thousands of individual processors, they are much slower than a CPU for the equivalent calculation, and have to be supervised, which results in considerable overhead. (Amdahl's Law), and suffer other limitations.

The basic rules of computation still apply.

In any case, most cracking records are set in circumstances that offer opportunites that seldom exist in reality, where delays are the norm and lock outs for incorrect passwords are applied.

Plus, how likely is it that some criminal mastermind is going to use the entire resources of his zombie computer army for several years to get his hands on your copy of V4?

I think BB's vision is very welcome. Just think of well maintained freeware libraries that we could automatically sign up to and access from anywhere. Bring it on!

Read the article, they broke 512 bit and 660 bit RSA encryption, which by your own math would be exponentially harder to break than 256 bit. And they cracked both versions. Once that was announced, the RSA Challenge was retracted, full well knowing that if they could crack 512 and 660, they could crack all of them on the list. They did manage to get almost 40k out of the challenge, but they wont get any more due to the fact that is is easily crackable now. RSA-768 was the last prize awarded, then retracted before payment.

Quote - did what? break 64-bit encryption in a 5 year span using distributed computing?

we are talking 128 bit, 256 bit - each billions of times as strong as the last.

shvrdavid,

I don't mean to offend, but you are not relaying facts with any accuracy. They did not break 512 bit and 660 bit RSA encryption. What they did was factor a 512 bit integer. Not at all the same thing.

Public key encryption incorporates two numbers that are related according to the factors of a very large number. This is not at all the same as the factors themselves being guessed.

While it is possible to factor a 512 bit number in a reasonable amount of time, it is not at all possible to guess a 256 bit random number in the same amount of time. It is these 256 bit random numbers that are used for AES 256 session keys, and other similar symmetric crypto systems.

256-bit fails when the pattern is not random, but is produced as a function of a simple password - often a stupid simple word out of the dictionary. In such cases, one does not have to guess the full 256-bit number. One only has to guess the word used to generate it, and to know the algorithm to convert the word to the 256-bit number. Failure to recognize  this form of vulnerability is the primary factor in permitting dictionary attacks on 256-bit encryption in something less than the age of the universe. You're no longer encoding any value from all possible 256-bit values. Instead, it's only about 20 bits. Even if you use a phrase of two or three words, you're still less than 50 bits.

Hybrid crypto systems combine the public key with the symmetric key systems. Also, I can easily cascade several layers of these together, creating the equivalent of 1024 bit keys. Even if we double computing speeds, and double the number of computers, for 1000 years, you will not be able to crack these.

Really - I can't go explain the whole theory of cryptography, in order to get you to believe that you're not explaining anything correctly. But that's what it would take. 

Seriously, I have been hired by a very respectable and well-known company in the encryption space, a company that protects the financial data of the majority of banks in America. I can assure you that you cannot crypto-analyze their data in anything less than the remaining age of the universe. They do not need me to design crypto for them - they need to me to make it easy to use and to make it transparent so ordinary humans can use it well. 

Yes, there are individual incidents involving the crypto equivalent of "morons" who associate their keys with easily guessed passwords. These examples are in no way representative of the state of the art. I assure you, that if you "do the math", you will find that even if you have 1 trillion computers, each with 3,200,000 GPU elements, you still could not break the 256 bit encryption before you are dead.

Also, I cannot explain more about the product I'm working on, but it is groundbreaking and really does work to bring solid encryption to the masses. The government will not be able to read your stuff with a subpeona to Amazon after I'm done.

Quote - I really hate to break this to you, but todays gpu's, can generate every key possiblilty rather quickly. Over a million per stream processor, per second.

My workstation has 3200 stream processors, do the math.

I did the math.

3200 processors at 10^6 keys per second operating for one year can analyze about 10^17 keys per year.

Converting that to bits, it can try all combinations of 56 bits in one year. With me so far?

The math is:

log(3200 * 10^6 * 3600 * 24 * 365) / log(2) = approximately 56

Now let's assume you had one trillion of these. Now you can scan 96 bits in a year.

Now let's assume you apply Moore's law for 150 years and you double the power every 18 months for 150 years. You now have the ability to scan, in one year, 196 bits. But remember, that is 150 years from now.

[The math:

3200 GPU

10^6 keys per second

3600 seconds per hour

24 hours per day

365 days per year

10^12 (one trillion) computers at work in parallel

processor speed doubles 100 times (150 years from now, doubling every 18 months)

log(3200 * 10^6 * 3600 * 24 * 365 * (10^12)* (2^100)) / log(2) = 196.349

]

OK, so 150 years from now we can guess a 196 bit key in a year, using one trillion computers all working on the same problem.

How long, on average, till you guess the 256-bit key?

In years: 1.153 * 10^18

This is still longer than the age of the universe, by many orders of magnitude.

And if that isn't good enough, I'll simply doubly encrypt with 512 bits and now it's longer than the age of the universe repeated for every atom in the universe.

Math is amazing, isn't it? 

Quote - stuff

Your math is missing some key points. You only need one key per level. You don't need to create all of them, you only need to create the one that works. If you had a trillion computers all doing it, your math assumes they are all doing the exact same thing, and they would not be. Each one would be starting at a different point. Your equations do not take that into account at all.

Math is amazing.

But your math is lacking when it comes to parallel equations. You completely left out the fact that all of the computers would not start at the same point. Suddenly all those computers are far more efficent than the math that you posted. A trillion times to be exact.

I am not going to argue about it, you say it cant be done, so it must be gospel then.

Quote - It's not absurd and I've actually been thinking about how I might set it up for distributing my own stuff.

I am always tweaking and improving things. People are always trying to stay up to date with my shaders. Thousands upon thousands of people experience one or more of the following:

1. They don't know how to install shaders

2. They don't know how to update shaders

3. They don't know or have troubling unzipping shaders

4. They are unaware that I updated a shader and published new versions

5. They get confused when I post useful variations and then they mix them up and think they're using a particular variant but they're still using the first one they got.

Etc.

Now imagine a different world:

You install "Ted's Magic Cloud Runtime" software.

You activate it to synchronize to my "Bagginsbill-Freebie" runtime - everything I have ever published, already installed properly. Further, as I make new things, I put them in there.

The Magic Cloud software keeps your local copy local, but synchronized so that updates and additions that I put in my runtime show up in your copy automatically.

All you have to do is join the network once in a while and your copy will be updated and instantly ready to work in Poser because it is a full runtime - just like the ones you have now. It's local, not cloud based. The cloud part has to do with distribution, not storage.

I think people would absolutely love this.

 

Or someone could figure out how to set up an RSS feed twitter account that alerts them every time you post a new material somewhere and they can run off and DL it.    Your suggestion would be useful in the shorter run for some people but aside from versions (have a version in the name perhaps?) I think learning how to unzip something and install or update a shader would be better in the  long run.

http://blog.zorinaq.com/?e=42

this is actually a pretty interesting article on harnessing the stream processors of multiple GPUs (in this case 8) for brute forcing.

incidentally i used the same trick hes using to build a christmas present for someone --  putting together an HTPC for her and i used the PCIe x1 riser trick to get a PCIe x16 GT 440 running on a Mini-ITX board that had no x16 slot :)

incidentally, all files were generated on another machine running from a LiveCD with a RAMdrive, so no saved/cached/temp copies exist, and i dont know, nor did i save or write down the password. in fact i could not even tell you how many characters it is. so any sortof black bag cryptanalysis would be useless since theres no way of recovering the password/key short of directly attacking the encrypted file itself.

have fun :)

(rename to *.7z since the rosity forum does not count it as a valid extension)

Heh.

Crypto is a mixed bag; there are basically three ways to pop the cherry, so to speak...

Method #1: Hammering it from the front door is going to take a long time, so long as the passphrase wasn't "12345", or you don't have a supercomputing cluster to throw at the problem. OTOH, there are methods that don't involve testing one password at a time, such as Rainbow Cracking , where you use partially digested hashes as your base table.

Method #2: If you attack the application that encrypted the data, and if there are indeed flaws in that application, the crypto comes apart in very short order. This is what happened with Microsoft's SAM (Security Account Manager) database, which is how most folks' local OS logon passwords are encrypted. It is also why, if someone has physical access to your machine, it's 'game over' in no time at all.

Method #3: If you attack it by process (that is, you look for flaws in the mathematical process used to encrypt the data), and if there are indeed flaws, it can be cracked in relatively short order. Let me give you a small example of that approach here (PDF warning).

As you can see, brute force is only one of many means to get in. 

The trade-off is time/effort vs. benefit. If the results aren't worth the time, then it can be considered relatively secure.

This changes as the variables do... for instance, if I were criminally-minded and Blackhearted's little wager netted me full access to a $1m USD bank account, you bet your ass I'd try to break it, but only for as long (and with as much) as I could reasonably spend - especially if netting that same million bucks could be had much easier by doing something else (e.g. steal credit card data from multiple people and recruiting mules to launder the money). 

If I were a government, popping the crypto on a rival government's secrets would be well worth throwing millions (if not billions) of dollars into a means to break in, and time is no object.

OTOH, if I wanted to hijack some schmoe's DNS server to make a couple of bucks in a viagra scam, I'm not going to waste too much time trying to crack a FreeBSD/BIND rig that only gives me three tries before locking my IP addy from ever getting in again - I can move on to someone else who is using Windows Server 2008R2 with default settings and a crappy password. 

Now... as for "da cloud!!!111!!OAMGBBQWTFPONIES!, patent pending, etc"? Meh - depends on what I get out of it, looking at it from a criminal viewpoint. If it only means downloading some vickie bits on the sideor some pr0n, screw that - there's more than enough of both for free out there. If it means stealing some compute time and hiding tracks for a bigger criminal project, okay... but I'd first be lazy about it and go phishing for passwords, or pass around a trojan that logs keystrokes. Breaking crypto comes way, way later, after all the lower-hanging fruit has been picked.

So what were we talking about again? I'm hoping 3d linux fembots with a penchant for evil, but I'll settle for anything that's not yet another 'OAMG teh V5 iz teh appocalypz!' thread... those are getting kinda stale, yanno?

incidentally, i dont recommend taking my wager :)
im just being a prick because he said 256 bit encryption was trivial to break.

even if by some miracle you managed to brute force the potentially up to ~64 character password (potentially with upper/lowercase letters, numbers and symbols) or break the 256-bit AES encrypted container, inside youd just find a word document thats also 256-bit AES encrypted (hey, i never said it wouldnt be). lol.

every computer in the world working together 24/7 in a massive distributed attack couldnt brute force that in a year.

Quote - incidentally, i dont recommend taking my wager :) im just being a prick because he said 256 bit encryption was trivial to break.

It simply depends on what encryption. 256 bit is tiny for asymmetrical encryption, but large for a proper symmetrical encryption. You should definitely not use 256 bits for your PGP key size, but for TrueCrypt AES it's rock solid. Unless someone finds a serious flaw in the AES algorithm, discovers a math breakthrough (P=NP) or invents quantum computing, AES-256 can be considered secure for lifetimes, parallel computing or not.

Somebody might need to go read some books by Bruce Schneier

(something tells me BB might well know him :biggrin: )

That's a guy who knows his encryption

If you want to get a good introduction in the whole subject, have a look at Simon Singh's  "The Code Book: The Secret History of Codes and Code-breaking". Heavily recomended.

I'd like to be able to send to a Render Q in the cloud that could return hi res renders of my .pz3s, that my local pc can't finish rendering.

^bandwidth usage would be quite high.  in order to implement that you would need to be using compression - most of the Poser formats we use (scenes, cr2s, tiffs, etc) can often compress to about 10% their original size.  youd also run into issues where the host would require all of the content that you are rendering - which in some cases can be really obscure, sometimes unavailable content. either that or risk violating EULAs by transmitting the files to an offsite server.

the Render Q(continuum) throws that lil temp .pz3.  if it could throw an all inclusive pz3 in powerful encryption level files ...  and the service would have to cost less than buying an I7 PC.  (and you were allowed to use your day jobs T1s to upload)

its not just the .pz3 but every texture, geometry, etc.  some scenes and their related files could get up to a gig.  even if you could compress that before transfer to use 1/10th of that its still a lot of back and forth data....  and the licensing issue would still present a problem.

btw if renders bogging down your comp is a problem - have you considered putting together a dedicated rendering box?  the price is not that prohibitive, and in the long run it would save money over paying someone else/renting server time to render. i dont even have mine hooked up to a monitor, it just sits in the corner and i access it via remote desktop.

assuming you use onboard video (perfectly sufficient for a rendering machine), toss it in an old case and hook up any old HDD you have laying around (its not a good time to buy HDDs right now):

Phenom II X6 1090T boxed processor - $165
8GB DDR3 1600 - $30
Antec Neo Eco 520W PSU (rebranded SeaSonic) - $50
midrange ASUS ATX mobo - ~$80
Enzotech MOS-C10 mosfet heatsinks - $15

~$340 + tax.

the boxed heatpipe cooler on that Phenom X6 should get you to at least 3.8ghz on stock voltage, and equates to impressive rendering performance.  you could put something together even cheaper but i wouldnt bother.

if a remote rendering service charged only ~$25 a month,  you could build your own little rendering box for roughly the same cost for one year. 

Daz_Rand posted today in another thread here at Rendo that the future of Daz content is no-zip no-exe, cloud-based, app-store-like transparent installation. You buy it, then it's in your content library. Let the flaming begin.

In theory, a vendor-approved render farm could be done like this:

1. Vendor X decides to support the farm. She uploads all her commercial content to the farm.

2. Customer Y has a product from vendor X in her scene. Using digital signatures, she verifies to the farm that her content is legal, and exactly the same as the copy on the service. (Such as a texture file.)

3. Having verified that the files are the same, there is no need to transmit the vendor X content to the render farm - it's already there - and the digital signature authorizes customer Y to use it in her render without transmitting it.

This would mean the bandwidth problem would go away.

Quote - Daz_Rand posted today in another thread here at Rendo that the future of Daz content is no-zip no-exe, cloud-based, app-store-like transparent installation. You buy it, then it's in your content library. Let the flaming begin.

I don't even like the content tab in Poser.

Quote - Daz_Rand posted today in another thread here at Rendo that the future of Daz content is no-zip no-exe, cloud-based, app-store-like transparent installation. You buy it, then it's in your content library. Let the flaming begin.

What's to flame? From a PA (and company) standpoint, it may even cut down on piracy (as in - good luck scooping up all the pieces for a given package and passing that around). I assume you can still drop in external content, so no diff there. 

I suspect the files just download into your content folder, and you (hopefully) get to pick where the important bits go in your file structure.

Interesting concept, nonetheless.

This would mean the bandwidth problem would go away.

Fair point - though you resolve the big issue of when theres no internet connection?

I've bought stuff before that needs to be authenticated online when installing.  Gone to reinstall and they've either gone bust. Or worse still decided  they don't want anyone to use that version anymore, you have to pay extra.

Simple serial number ? No problem.

Quote - This would mean the bandwidth problem would go away.

Fair point - though you resolve the big issue of when theres no internet connection?

You're thinking about something in a way I'm not seeing. How would you be using a commercial render farm to set up a render, yet you have no internet connection? I thought we were talking about using a render farm and the problem of passing tons of data to the farm. My suggestion of not passing the data, but just proving you could, would avoid having to move the data.

Quote - I've bought stuff before that needs to be authenticated online when installing.  Gone to reinstall and they've either gone bust. Or worse still decided  they don't want anyone to use that version anymore, you have to pay extra. Simple serial number ? No problem.

Again, we're not speaking about the same scenario as I do not understand what you're talking about. I suggested that you prove, via digital signature (like a serial number but more sophisticated) that you have the right to use certain content on the remote render farm without actually transmitting it. This has nothing whatsoever to do with the vendor - he/she can be out of the picture altogether. This is similar to those strategies involving add-ons to V4 that do not involve actually transmitting a copy of V4. The user must already have a copy.

This is not unlike proving who you are using public key cryptographic signatures. It's a strategy where you prove you are who you say you are (or in this case you have what you say you have) by doing a math calculation that could be done by nobody else, but can be verified by everybody.

This notion of avoiding transmission of a file that is already on the server (stored there by somebody other than you, sometime in the past) is called deduplication. It is a strategy employed by DropBox to avoid uploading files that they already got from somebody else. If you attempt to upload a song you own, for example, and somebody else already uploaded the same song (and they own it too, presumably) then the server tells your PC "never mind, I got that already" and it just marks you down as owning a copy of it at the server. You still have your local copy, but you never need to send it again.

Again, we're not speaking about the same scenario as I do not understand what you're talking about.

Under your scenario, yes you'd clearly need to authticate that user and yes the kinda encrption systems you talk anout would obviously be more than sufficent to protect stuff. Thats a no brainer.

What I was talking about was what you described here...
"... is no-zip no-exe, cloud-based, app-store-like transparent installation."
..there users have to be constantly connected to use it or download stuff, then the moment your connection fails (or the company decides you're not welcome) it's game over.

There what you need is a safety net/mechanism so the user can contine to work off-line if required. Kinda like how we work now, we buy products in zips, we use them offline and theres a copy in the cloud if we need a duplicate.

the problem with a cloud based system is that it shifts so much power/control into the hands of the developer that theyll eventually want to use it exclusively for DRM.  one has only to look at how developers abuse DRM, closed platforms, etc currently on the market to see what a nightmare this could turn into. 

Ubisoft went to a cloud based save system under the guise of 'convenience', and look what we have? Draconian DRM theyre applying across all their releases. you MUST be online and logged into Ubisoft servers in order to play an Ubisoft title. if your internet connection momentarily disconnects, you get kicked back to the game menu. if their master server is down, noone who purchased the game can play it.

why the hell customers would stand for this - and get sucked into scenarios like this - just blows my mind. we should be fighting oppressive DRM schemes at every turn - not encouraging companies to use them.

and yes i know that this thread is just a suggestion for a rendering service - but its the perfect setup for such a DRM scheme.

"Ubisoft went to a cloud based save system under the guise of 'convenience', and look what we have? Draconian DRM theyre applying across all their releases. you MUST be online and logged into Ubisoft servers in order to play an Ubisoft title. if your internet connection momentarily disconnects, you get kicked back to the game menu. if their master server is down, noone who purchased the game can play it."

I certainly understand your very valid concerns about the clever means by which software &content creators will imposes draconian DRM protocols  
But I am also confident that the Clever geeks &"techies" on the user side will devise way to circumvent theses measures and enterprising alternative providers will step in and offer "Off line" alternative apps.

We who choose to live partially "off the grid" and only go online for our personal convenience, will have choices of stand alone programs& apps I believe

Cheers

How interesting.  Apparently DAZ is playing with what I've been talking about. See 'DAZ Studio Online.'

http://devcenter.gizmoz.com/newsite/digimiCreator/digimiCreator.html?mkt_tok=3RkMMJWWfF9wsRonuazNZKXonjHpfsX66%2BsuUKWg38431UFwdcjKPmjr1YIFRMB0dvycMRAVFZl5nRlWE/SML4Q%3D 

Now it's obviously just a bare beginning, I assume that's why it's in 'devcenter' - the rendering doesn't seem to work and the content is minimal, I don't even know where if if the plan to do a full service - but it's interesting indeed.

Add the entire DAZ content library, account management, storage, render farm infrastructure etc. and you have something that might be pretty compelling for some people. If you tie it in with the application on your local machine it might be possible to start a scene at home, upload just the description of the content, lighting, poses etc. and then continue working on it from anywhere or vice versa. You would only need to buy DAZ content if you wanted to have a local copy.

One problem I see is non DAZ content. Maybe vendors would allow DAZ to host their content if they got a workable per use fee. Otherwise, maybe some arrangement could be made to upload it in with a key so that only the purchaser could use it. With data deduplication, there would still only need to be one copy of any one item. Many potential issues to work out

Quote - "Ubisoft went to a cloud based save system under the guise of 'convenience', and look what we have? Draconian DRM theyre applying across all their releases. you MUST be online and logged into Ubisoft servers in order to play an Ubisoft title. if your internet connection momentarily disconnects, you get kicked back to the game menu. if their master server is down, noone who purchased the game can play it."

I certainly understand your very valid concerns about the clever means by which software &content creators will imposes draconian DRM protocols  
But I am also confident that the Clever geeks &"techies" on the user side will devise way to circumvent theses measures and enterprising alternative providers will step in and offer "Off line" alternative apps.

We who choose to live partially "off the grid" and only go online for our personal convenience, will have choices of stand alone programs& apps I believe

Cheers

right, the Ubisoft DRM has been cracked...
but what are you suggesting? that we put ourselves in the position where people who will NOT bend over for DRM have no choice but to hunt for cracks to use the content they paid for offline/untethered from the provider?

what if the provider takes the next step and doesnt actually provide an extractable archive of the product to purchasers - as has been suggested in this thread?

like i said if i buy something i want to own it. i want it on my own hard drive, to use however the hell i want, untethered from the provider. 'renting' something from a cloud has zero appeal for me - even if i did have unlimited bandwidth.

our internet rights and freedoms have been slowly eroding away under the guise of 'convenience' and 'safety' over the past decade. personally id rather give up a little 'convenience' and retain full control.

"right, the Ubisoft DRM has been cracked...
but what are you suggesting? that we put ourselves in the position where people who will NOT bend over for DRM have no choice but to hunt for cracks to use the content they paid for offline/untethered from the provider?"

No I  suggest that you NOT buy from those online only,DRM obsessed providers in the first place.
and as MORE& MORE providers go that online only route
( likely in the near future)
A natural void will be created and filled by enterprising programmers who will offer "stand alone"
alternatives to these cloud based applications& content.
and it rarely takes long.
My new kindle Fire tablet from Amazon already has a "jail break" available to let those who desaire install & run other android based OS's services. and its only been out a month.

I Doubt there will ever be a DMR scheme that was either
unbreakable
or where similar stand alone content is not available elsewhere.
We will always have options IMHO unless people are so Wedded to a particular provider( poser/DAZ) that they are willing to be imprisoned by whatever DMR scheme they might impose.

You guys talk about cloud and DRM as if they are one and the same. This thread isn't about DRM, any more than a car talk about engine performance would require a discussion of vehicular homicide. Wow - so paranoid.

Personally, I would like it if when I want a Poser package, it comes as a zip file behind the scenes and it automatically unpacks it in the local runtime of my choosing, and also puts it (the zip) in my cloud-based backup area, so when I eventually have to replace this computer, it all magically reappears. I would also like a one-click button that means "that freebie I just downloaded is crap and I want to remove it and all its stinking pieces automatically."

Nowhere in that scenario is there any DRM, nowhere do I have to be connected in order to use my content, and nowhere am I "renting" anything that can be pulled out from under me.

"You guys talk about cloud and DRM as if they are one and the same. This thread isn't about DRM"

I am pretty sure we all understand the difference
it seems that some see the could as just another way to  rigidly enforce DRM.

I see the value of Cloud based  STORAGE of previously purchased Mobile apps& content ( Apple & Android) Devices etc.

For professional production Software ( C4D ,MAX, Maya, Houdini etc.) its not really practical for various technical reasons.

For poser/DAZ content.. I truly dont care what the new distribution model eventually becomes and I am not a "gamer"  so I dont care about them either.

Cheers

so paranoid.

Nope. Unhappy uncustomers who don't want to totally tied to the cloud and whatever whims companies apply.

"Nowhere in that scenario is there any DRM, nowhere do I have to be connected in order to use my content, and nowhere am I "renting" anything that can be pulled out from under me."

YET - but it sets up the perfect platform for its delivery.

"My new kindle Fire tablet from Amazon already has a "jail break" available to let those who desaire install & run other android based OS's services. and its only been out a month."

how is that a viable solution? running 3rd party hacks, voiding warranties, losing functionality just to retain freedom that should have been there in the first place.

you guys have some trusting, utopian views of developers.  at least one of the major poser content providers has a long history of clever profiteering schemes behind them - you think they wouldnt jump on an opportunity to implement DRM if you literally hand them the platform on a platter for the sake of a little 'convenience'?

btw the .zip containers i suggested in this thread would solve the ease of installation/backup/removal/organizing with no loss of end user rights/control. why are we still even 'unzipping' products in the first place? with modern processors they can be unzipped on the fly as needed without a noticeable hit to performance.

also i do not want Daz, SM, Rosity, RDNA, or anyone having any more control over my local computer.  .exes are invasive enough already.

I'm as paranoid (or wise) as anyone about retaining control. I doubt that I would buy into a service that didn't provide the option to purchase and download unencumbered copies of content as we do today. Having the option to use or 'rent' a copy for online use would have to be just that, another option. I'm pretty sure that most mid to high level 3D will remain tied to the desktop for a long time. OTOH, mobile computing is obviously the future. I don't see the utility of rendering on the console screen of your Ford Escape, but I can imagine there are scenarios for every thing from the military to architechts to who knows might benefit from some kind of service based solution though. As for DRM etc., I'm less worried about the companies who have to meet customer demands doing it on their own. I'm more worried about them paying their stooges in DC to mandate it.

"how is that a viable solution? running 3rd party hacks, voiding warranties, losing functionality just to retain freedom that should have been there in the first place."

Hi you Miss my point
I used that example simply to illustrate that alternatives will always exist for people really need them ...most dont TBH

"you guys have some trusting, utopian views of developers."

No but I live in reality.
We "buy" and "own" Vehicles that costs way more than some Digital Slutwear for V-chick
but never think twice about the fact that we can not even diagnose a minor engine problem without Attaching the cars "Computer" to a manufacture Approved Diagnostic Station and using manufacturer Approved replacement parts .
What is the alternative?? Drive a really old Car and maintain it yourself with after market parts. not a "desirable "solution but thats the reality

as we all know,You dont actually "own" most of the software you use but instead have purchased  a license to use  it under whatever conditions have been set by the publishers EULA.
but unlike Car manufacturing it is relatively easy for a companies & individuals to write alternative apps& content that are not cloud based.

but if your creative life is so completely dependent on what is fed to you from DAZ or SM or even Ubisoft then I guess you may have a concern about them moving to a cloud based Distribution system.
Fortunately for me my professional creative/ entertainment world is little more diverse.

Cheers
 

"I'm pretty sure that most mid to high level 3D will remain tied to the desktop for a long time. OTOH, mobile computing is obviously the future. I don't see the utility of rendering on the console screen of your Ford Escape, but I can imagine there are scenarios for every thing from the military to architechts to who knows might benefit from some kind of service based solution though."

**
**

This ^

Quote - No but I live in reality.
We "buy" and "own" Vehicles that costs way more than some Digital Slutwear for V-chick
but never think twice about the fact that we can not even diagnose a minor engine problem without Attaching the cars "Computer" to a manufacture Approved Diagnostic Station and using manufacturer Approved replacement parts .
What is the alternative?? Drive a really old Car and maintain it yourself with after market parts. not a "desirable "solution but thats the reality

as for hooking vehicles up to the computer: valid point. just bringing it in to a dealer and having them hook it up for a diagnostic can cost upwards of $100.

but you can also order an OBD-II bluetooth adapter on ebay for ~$20 and diagnose it yourself. they even have android/iphone diagnostic apps for them.

a more accurate example would be what if instead of your vehicle's onboard computer, it just had a receiver - that required wireless connection to GM in order for your vehicles fuel, emissions control, odometer, transmission, navigation, etc to function?  the 'benefit' of this would be if you stepped from one GM vehicle into another, it would automatically adjust your seat and mirrors for you according to your 'user profile'.

F that. give me a non-computerized car with a standard transmission, thank you.

"as for hooking vehicles up to the computer: valid point. just bringing it in to a dealer and having them hook it up for a diagnostic can cost upwards of $100.

but you can also order an OBD-II bluetooth adapter on ebay for ~$20 and diagnose it yourself. they even have android/iphone diagnostic apps for them."

I have seen such self diagnostic devices advertised.
They might help you in contesting some padded diagnosis of some unscrupulous repair shop
But alas in My old home state of virginia, they will NOT help you pass the State MANDATED annual carbon Emissions tests that must be conducted with their State Approved systems.
I am not even sure about the rules up here in New York as  I have
Abandoned car ownership/Driving altogether.

Cheers

^they are useful for when your check engine light pops on. some cars have it automatically come on at predetermined mileage milestones (40k, 50k). in that case it takes you 2 min to reset it instead of paying your dealership to hook it to their computer than then 'discover' a bunch of issues that need fixing.

other times the problem could be minor, and you can fix it yourself:  my last three 'check engine lights' were an oxygen sensor, camshaft position sensor, and the brake indicator switch.  i fixed all three in my driveway for under $25 (new parts from ebay). diagnosis is free, and sometimes its a part you can change yourself.

other times some sensor glitch may throw a one-time error code, and your check engine light will be on (and you wont see other problems) until it gets reset.  if someones tech savvy, has a laptop and a car made after 1996, they owe it to themselves to get an ODB-II cable so theyre not totally at the mercy of their dealer/mechanic :)