keyze opened this issue on Dec 03, 2011 · 97 posts
keyze posted Sat, 03 December 2011 at 3:37 PM
I like many others are finding the file system for DAZ and Poser to be a real drawback and has not got anything to do with the art we want to create. If someone would stctloud service that would be able to take our files bought, free, or made (correctly) and file them in a way that allows us accesses to either update and download after install or even use on the web it would allow a lot more people to this world and they would spend money for the service either by paying per install or paying by the month for access to this information already correctly installed in the cloud.
It would take money and brain power to set up but it would be a constant income for many many years. Think of the retirement income and a way to put money in the bank.
You could set up cost in many ways to make sure you get even the smallest user charge by the access, or monthly, or added file or both.
keyze posted Sat, 03 December 2011 at 3:39 PM
sorry missing part is start a cloud
I know I am dreaming but even this is comming to your computer in the near future!
wolf359 posted Sat, 03 December 2011 at 7:36 PM
**"take our files bought, free, or made (correctly) and file them in a way that allows us accesses to either update and download after install or even use on the web it would allow a lot more people to this world and they would spend money for the service either by paying per install or paying by the month for access to this information already correctly installed in the cloud.....make sure you get even the smallest user charge by the access, **"
Hi
I just spent my First Full Day with My new tablet Computer the "Kindle Fire"
"Cloud" based computing( which is really a revival of the old "mainframe" systems used within larger Corporations in the bygone past),
is designed for mobile users who need access to all or most of their DATA& Content new & Old across a variety of "smart" Devices.
the poser user typically only needs his /her content on ONE device.
their home computer where they will be rendering their image/animations etc.
Your post seems to indicate you thing poser user should somehow pay everytime they load an outfit from their poser library in "the cloud"
I dont think such system would be accepted by this user base.
Cheers
Blackhearted posted Sat, 03 December 2011 at 7:46 PM
im absolutely repulsed by cloud computing.
FrankT posted Sat, 03 December 2011 at 7:51 PM
Quote - im absolutely repulsed by cloud computing.
Ehh it has it's place - not really for Poser though. How'd you get around the licensing for e.g
infinity10 posted Sat, 03 December 2011 at 8:00 PM
We can just save our files in the cloud as a private archive and pull down for installation to local machine, but that would need a change in the licensing for some archives. I would love to have backup in the cloud but the uploading time alone would drive me nuts, not to mention organising my stuff in the cloud.
If we're talking about runtimes installed and run off the cloud, thee are issues such as lagging, licensing, and security to resolve. Early days yet.
Eternal Hobbyist
wolf359 posted Sat, 03 December 2011 at 8:03 PM
"im absolutely repulsed by cloud computing."
For Production& Creative software it is a major restriction of your Commercial freedom as it turns everyone into a "renter" dependent on having a broadband connection to use his creative tools.
This would be a nightmare for us who do deadline oriented Client work.
For Disposable mass media entertainment
(movies& music etc) I can see why it is being attempted as a "new" Distribution model.
Unfortunately IMHO they are too late as the "cloud"
for these two areas has existed for years in the form of file sharing and internet so called "piracy" communities.
Cheers
bagginsbill posted Sun, 04 December 2011 at 7:37 AM
I am actually being paid to solve some of these problems right now. I am developing a new product to enhance cloud storage security, and remove barriers to its adoption.
One of the barriers is ease of use - it has to be dead simple and transparent, as if you were not using cloud anything. That means that when you are not online, but you want your files, they are their locally. Not a problem. And if you modify/add/delete said files while offline, they should sync up later, when you reconnect, without you doing anything at all.
All of this is currently available right now from dropbox and box.net, just to name two examples. Box.net doesn't offer the transparent access unless you pay. Dropbox offers it even in the free service. But you only get 2 GB free with DB.
Anyway, what I'm concerned with has more to do with security and publication, hackers and thieves. In essence, the stores should be publishing in the cloud - the vendor does the installing. Then, instead of you downloading an item, you would just buy the right to access it where it is already installed. The tricky thing is to merge the appearance of that one item (and all the others you have "bought") into your personal view of the cloud. This is not insurmountable, but it is unheard of as yet. Once merged into your view, local copies will appear in your computer(s) without any effort on your part.
This is why I'm not posting very much about Poser.
Renderosity forum reply notifications are wonky. If I read a follow-up in a thread, but I don't myself reply, then notifications no longer happen AT ALL on that thread. So if I seem to be ignoring a question, that's why. (Updated September 23, 2019)
bagginsbill posted Sun, 04 December 2011 at 7:42 AM
Quote - im absolutely repulsed by cloud computing.
Don't equate cloud computing with cloud storage. Not saying you were, but the subject of this thread is storage, not computing. We'll be doing the rendering (computing) locally, from local copies of files, even if the runtime is replicated in the cloud.
Personally, I have already had the satisfaction of a dead computer replaced in minutes because all my important files were in DropBox. It took me zero effort to recreate "My Documents" when I got my new machine. All I did was install DropBox, enter my user id and password, and all my files re-appeared. Poof.
Renderosity forum reply notifications are wonky. If I read a follow-up in a thread, but I don't myself reply, then notifications no longer happen AT ALL on that thread. So if I seem to be ignoring a question, that's why. (Updated September 23, 2019)
infinity10 posted Sun, 04 December 2011 at 7:56 AM
That's great, BB.
One point as a content user: when merchants move away from stores or drop out from selling content altogether, their products are taken down. With traditional purchase, download-and-install content, we still have access locally to on our computers. If we shift completely to the cloud, that's a different scenario.
Eternal Hobbyist
bagginsbill posted Sun, 04 December 2011 at 8:15 AM
In my scenario you if you have 3 computers with cloud storage, there are 4 copies of the file. One on each computer, local, and the extra copy in the cloud.
If you lose a computer and replace with a new one, there are now 5 copies, one of which is no longer tracking changes. (The dead computer)
In the event that a vendor would "revoke" a file, then I suppose there is the possibility of losing access to it (all copies would disappear) but in the case of purchased content, I suppose the right approach would be to say that a vendor simply is not legally allowed to revoke a file. Or - we make the system work in such a way that the original published copy is not required to maintain the shadow (local) copies for people who bought the right to have that content. Either way, the bias against cloud storage has more to do with the fact that this is new and unrefined, rather than it is new and sucks.
Renderosity forum reply notifications are wonky. If I read a follow-up in a thread, but I don't myself reply, then notifications no longer happen AT ALL on that thread. So if I seem to be ignoring a question, that's why. (Updated September 23, 2019)
Winterclaw posted Sun, 04 December 2011 at 8:49 AM
Cloud storage has it's pros and cons. I'm generally against it, or more specifically being forced into it. If the only option for a product would be something in the cloud, then I'd be pretty mad and likely not buy the thing.
WARK!
Thus Spoketh Winterclaw: a blog about a Winterclaw who speaks from time to time.
(using Poser Pro 2014 SR3, on 64 bit Win 7, poser units are inches.)
bagginsbill posted Sun, 04 December 2011 at 8:52 AM
Tell me what you think the difference is between your account presented at Rendo today, versus one based on cloud storage. Specifically, what's the difference between a web site with downloadable files granted to you over time due to purchases, versus "the cloud". How is having a file show up on your machine after you buy it, through no action on your part, a bad thing?
I suspect since "the cloud" is not actually well defined, we're talking past each other.
Renderosity forum reply notifications are wonky. If I read a follow-up in a thread, but I don't myself reply, then notifications no longer happen AT ALL on that thread. So if I seem to be ignoring a question, that's why. (Updated September 23, 2019)
lmckenzie posted Sun, 04 December 2011 at 8:55 AM
Why not dream really big? Poser/DS as a service over the web. I believe that Adobe is already doing this with Photoshop Express. The application and the assets would live in the cloud. You'ld have auromatic access to a renderfarm. You wouldn't have to buy any content, you'ld rent whatever you needed for a scene from a huge selection etc. Getting DAZ etc. to come up with a profitable and afordable pricing scheme would be difficult no doubt, but hey, it's a dream :-)
"Democracy is a pathetic belief in the collective wisdom of individual ignorance." - H. L. Mencken
infinity10 posted Sun, 04 December 2011 at 9:04 AM
Folks, BB may be under an NDA, so I don't think he can actually talk in specifics.
Eternal Hobbyist
Winterclaw posted Sun, 04 December 2011 at 9:09 AM
Bill, I'm thinking more along the lines of, it's on your computer (so long as the computer is working) vs it's never on your PC if there's a problem with internet, the site is down, the servers are buggy, as well as bandwidth issues (not so much a problem in the US but a problem in other countries) which include having to download (have streamed) several large files every time you want to do a render, etc. Then you've got to consider as cloud computing becomes more popular, you've got to realize that malware targeted at the weakest link (end user) will start showing up.
Plus I'm thinking the federal government is going to probably get involved sooner or later and just make everything in the cloud a legal nightmare. Take the stop online piracy act. A pirate stores something pirated in your provider's cloud then that entire cloud goes bye-bye. Or if he has a pirated copy of V4, then no one can use V4 until the whole piracy mess is cleaned up.
Finally, we all know that 90% cloud storage will eventually be used to hide people's porn collection. :blink:
WARK!
Thus Spoketh Winterclaw: a blog about a Winterclaw who speaks from time to time.
(using Poser Pro 2014 SR3, on 64 bit Win 7, poser units are inches.)
Blackhearted posted Sun, 04 December 2011 at 9:56 AM
Quote - > Quote - im absolutely repulsed by cloud computing.
Don't equate cloud computing with cloud storage. Not saying you were, but the subject of this thread is storage, not computing. We'll be doing the rendering (computing) locally, from local copies of files, even if the runtime is replicated in the cloud.
Personally, I have already had the satisfaction of a dead computer replaced in minutes because all my important files were in DropBox. It took me zero effort to recreate "My Documents" when I got my new machine. All I did was install DropBox, enter my user id and password, and all my files re-appeared. Poof.
its both, actually. cloud computing repulses me due to ideological, privacy, freedom and security reasons.
but my main issue with cloud storage is the fact that not everyone has unlimited bandwidth. by 2012, theres no reason we shouldnt - yet as each year goes by, bandwidth caps/restrictions/fair use policies get more and more restrictive, and overages more and more ridiculous. all i see are attempts by ISPs to charge more and more for b/w each year. in fact the Canadian govt just quashed a bill that was almost passed that would have made unlimited internet a thing of the past here.
my latest product has over 10 gigs of (compressed) WIP files. what should i do with that? upload it to a cloud? i can just burn it to a couple DVDs or a BD for $1 - by the time i need to worry about disc rot, the data on it will be obsolete. my only concern is if my house burns down - which is why i keep some copies of important data such as family photos, documents, etc in a safety deposit box offsite (which came free with my bank account).
contacts, small files/documents, etc i need to access from elsewhere can be stored in the GMAIL 'cloud' - which is about as far as i personally want to go with cloud computing.
right now im on mobile broadband with a very low monthly cap and extremely high overages. now i dont intend to be in this situation forever, and am eager to get back onto unlimited internet - there are still many areas where this is not a possibility. also keep in mind that many of you are in the US, but Poser users are international - so when considering cloud runtimes we are talking about the entire world. not everyone has access to inexpensive, unlimited internet. internet access is cheap in some countries, astronomically expensive in others.
i just went through my runtime and deleted all of the bloat - anything i havent used in years, or default content i didnt need, etc i deleted. i have it trimmed down to 3 gigs and over 10k files. thats still a lot of data to access remotely. many people have runtimes over 10 gigs.
when im traveling im not going to be rendering on a smartphone. a laptop? well, i can just copy the runtime over in a couple minutes, or even put it on a USB stick or drive.
so what benefit would a cloud runtime have for me? none, really. but it would open the door for more ridiculous licensing/profiteering schemes from content providers. im not a renter/leaser. i prefer to buy things outright, and own them unconditionally and be in full control of them. when i buy something its mine, and you have no right to take it back, change the conditions of the agreement, the prices, the terms of use, etc - or have any say in how/when/where i use that product. cloud runtimes would put you in a position where you would lose this control/absolute ownership.
Blackhearted posted Sun, 04 December 2011 at 10:01 AM
"Getting DAZ to come up with a profitable and afordable pricing scheme would be difficult no doubt, but hey, it's a dream :-)"
HAAAHA
wolf359 posted Sun, 04 December 2011 at 10:39 AM
"so what benefit would a cloud runtime have for me? none, really. but it would open the door for more ridiculous licensing/profiteering schemes from content providers. im not a renter/leaser. i prefer to buy things outright,"
Agreed!!
a Cloud based runtime would only be relevant if you needed to access it from some mobile location
and who would need to do that as your runtime is literally part of your poser software set up.
I personally think that companies Like Adobe would be foolish to think that CG pro's will fully embrace the idea of depending on remote software for deadline oriented client production work.
But perhaps they are targeting the casual user who may only need a decent graphics editing program without any long term need to "own " a local copy.
IMO the Companies that will likely prevail with this "cloud" scheme are the ones that offer some form of hardware that is closely tied to their cloud based "ecosystems" of Content.
I Just bought the new tablet from Amazon, the android based "kindle Fire" to sort of celebrate My completion and final delivery of the finished Character animation for a Film client.
While it is pre linked to my Amazon account it has two options for content -"CLOUD" or "DEVICE"
and while gives me great mobile access to the Massive Amazon ecosystem
I am glad it works as nice stand alone device when I am not in a wi fi hot spot. meaning I can read my own PDF books & Documents or watch my own local Video content in HD MP4 format that I load on it Via its USB port from my Mac or run my own local android apps .
Cheers
Blackhearted posted Sun, 04 December 2011 at 11:05 AM
well thats where computing is heading, and the future looks pretty grim to me.
the average user will just rent a box like a cable box that allows them access to the cloud. telecom cos will sell tiered application 'packages' for office/productivity apps, games, media access, etc. this will likely also allow them to charge for home networking since each 'computer' will require its own box and subscription.
the casual user will rejoice at no more worrying about viruses, malware, identity theft, stability issues, freezes, hardware failure, data loss, updates, installation, being scammed and gouged by comp stores/repairmen etc. most of them dont care about the finer points of computing freedom and just want things to be easy to use, and work - fast and trouble free.
the powerusers and internet 'purists' will suffer, and likely hang onto hardware as long as they can despite the fact that itll likely become more and more prohibitively expensive as it leaves the mainstream.
either way, small local comp stores days are numbered.
Blackhearted posted Sun, 04 December 2011 at 11:22 AM
"While it is pre linked to my Amazon account it has two options for content -"CLOUD" or "DEVICE"
and while gives me great mobile access to the Massive Amazon ecosystem
I am glad it works as nice stand alone device when I am not in a wi fi hot spot. meaning I can read my own PDF books & Documents or watch my own local Video content in HD MP4 format that I load on it Via its USB port from my Mac or run my own local android apps ."
the amount of software and games that are shipping recently that require uninterrupted internet access to run their DRM is alarming. perhaps im just more sensitive to it since i have to closely monitor my bandwidth usage, but DRM schemes are getting quite oppressive. cloud computing is DRM's wet dream. a situation where vendors control the content, distribution and hardware can be a particularly disadvantageous one for the consumer. ie: running only vendor approved software on vendor approved hardware over a vendor approved distribution network.
look at the iphone as just one small example of how a company with a closed system can take advantage of its customers. it is an overpriced device with oppressive limitations on its usability and interaction with other devices, deliberately designed hardware upgradeability limitations (no user replaceable battery, no microSD slot, etc), etc. (unless you jailbreak and/or use unapproved 3rd party apps), its intentionally designed so that simple operations like putting a photo album on your phone has to go through an apple approved application. look at how apple abuses the closed platform and you will see where cloud computing is headed.
wolf359 posted Sun, 04 December 2011 at 12:11 PM
"well thats where computing is heading, and the future looks pretty grim to me."
My personal prediction is that it wont happen as quickly and smoothly as some of the "cloud Dreamers" may think or hope.
Take for example the home video market.
After a short lived format war between HDDVD and Blue-ray BR emerged victorious which seemed to portend the end of the Standard DVD market for both content and hardware.
Bill gates asserted that it did not matter who won the aforementioned format war because the physical disc as a delivery format for home movies, was "Doomed".
But what do we see today
in any official home release of a major hollywood
Film??
The "combo pack"
A Blue Ray Disc +Standard DVD, and a "Digital Copy" in the cloud
They realized that unlike VCR's that World is still Flooded perfectly functional and low cost Standard DVD players and large numbers of people who Do not understand or just dont care about seeing everything in glorious 1080pi.
So they still offer the DVD's for them the BR for the "cutting edgers" and the
Digital "cloud copy" for the uber tech savvy,mobile "bleeding edgers'.
Now considering the number of laptops and Desktop PC's and Macs still
in that hands of people who desire to have their applications installed locally
it does not seem like to me that such market will be completely obsolete for some time in favor of some Empty box that is useless without a broadband feed tube
"the amount of software and games that are shipping recently that require uninterrupted internet access to run their DRM is alarming."
Indeed it is however sometimes it has the unintended effect of creating a vibrant alternative market for Slightly Older hardware and user community home brewed software& content to run on it
this is Exactly what has occurred with the Sony PSP hand held gaming system
as they moved from UMD media Disc based games to Download only version of all their content.
The " PSP home brew" community created their own alternative firmware for the PSP
Along with Content that is in many way far more versatile than the officially supported releases from sony.
this has also caused the resale value of older PSP's to remain abnormally high.
"look at how apple abuses the closed platform and you will see where cloud computing is headed."
Consider ,however that if this Cloud Model Take soff as expected then Draconian Closed systems Like Apple will be in Peril Due to competing ecosystems that offer similar quality
Content.
Particularly considering hardware costs
Understand this:
I am a long time Mac user
but the android market is a viable competitor to the Apple IOS
at this point and,according to business tech reports, right now the number two selling tablet after the Ipad is My new" kindle fire"at $200 USD verses $499 for an Ipad.
and most of the android based "smart phones" can be had for less than the Iphone.
So I do wonder how long apple will be able to justify the cost of its IOS hardware devices.
Cheers
Winterclaw posted Sun, 04 December 2011 at 1:41 PM
Quote - the amount of software and games that are shipping recently that require uninterrupted internet access to run their DRM is alarming. perhaps im just more sensitive to it since i have to closely monitor my bandwidth usage, but DRM schemes are getting quite oppressive. cloud computing is DRM's wet dream. a situation where vendors control the content, distribution and hardware can be a particularly disadvantageous one for the consumer. ie: running only vendor approved software on vendor approved hardware over a vendor approved distribution network.
look at the iphone as just one small example of how a company with a closed system can take advantage of its customers. it is an overpriced device with oppressive limitations on its usability and interaction with other devices, deliberately designed hardware upgradeability limitations (no user replaceable battery, no microSD slot, etc), etc. (unless you jailbreak and/or use unapproved 3rd party apps), its intentionally designed so that simple operations like putting a photo album on your phone has to go through an apple approved application. look at how apple abuses the closed platform and you will see where cloud computing is headed.
Yeah, things like this are my biggest pet peeves when it comes to modern computing; clouds, DRM, and things big companies do to screw the end user.
WARK!
Thus Spoketh Winterclaw: a blog about a Winterclaw who speaks from time to time.
(using Poser Pro 2014 SR3, on 64 bit Win 7, poser units are inches.)
mrsparky posted Sun, 04 December 2011 at 1:48 PM
The only way I can see any form cloud stuff working is if theres a good countrywide web infrastructure offering safe, secure and fast access. Thats not just any form of online-poser, but downloads or even just basic email.
Which at present isn't avaliable, well certainly not in the UK, indeed having to travel regularly I find the choices are ..
Dongles. Overpriced, unreliable and with incredibly limited bandwith.
Hotspots - free ones are normally insecure. Even in safe places like hotels and business centres theres time limits or data caps. Some companies also have content restrictions when using their networks.
All of which assumes you can figure which out network is safe to login onto. At one northern airport I use, theres 7 hotspots all claimng to be the aiport!
Scrounging - asking a friend if you can use theirs, which as well as being anti-social might impact their bandwith.
Smartphones - OKISH for basic stuff like maps and email, but can be pricey and often slow on 3G.
BTFON - a service which allows customers of one phone company/ISP to logon quickly and safely. Service is reasonably fast and works well, but only if you use that company.
...Bascally there nothing thats totally 100% on tap and safe like it is at home.
Though if there is a good reliable infrastructure in place it can work....Like the situ here..
http://www.amateurphotographer.co.uk/news/Royal_wedding_photographers_Behind_the_scenes_news_307258.html
...having trialled one of those cards at another event, it's amazing tech. But only when theres a good network and then we're back to the 1st point.
shvrdavid posted Sun, 04 December 2011 at 2:55 PM
The sad part about a lot of this is that you don't own any of your software to begin with (Unless you wrote it). Almost all software rights are retained by the creator. Including the right to make you delete it from your system is you are found in violation of the EULA associated with it. Cloud storage violates almost every EULA out there.
That in itself is the biggest drawback of cloud storage.
All a software creator would have to do is notify the cloud storage service that you forfited your rights to the program based on the EULA, and the next time you connect you loose it.
Cloud storage for information that is not bound by a EULA is fine, but as soon as a EULA is involved, the lawyers will step in.
I personally would not use a cloud storage service simply because I have my own servers that already do the same thing they do on my home network. My servers also keep far more information than most cloud systems would.
If one of my systems dies, I can do a complete system restore to within a day of the failure, and certain directories are mirrored on every write event. If I add something to a Runtime, it appears on multiple machines here etc.
I don't know if the clouds can do complete system backups, but I doubt that they are anywhere near as capable as my own personal setup
Security is a huge problem with any storage system. If someone gets in, they will get synced. Meaning that they get your info, and you get theirs next time you connect. That can be a really bad thing if if you have a lot of systems linked to the cloud, and they inserted something mailcious into you data.
Sooner or later someone will come up with a security system that will stop most of the problem.
From personal experience, I will say later, much later.
All you have to do is look at the news, and you will quickly see that the best security systems are cracked all the time.
If you can write it, someone can crack it. The cracking part is only a matter of time.
Some things are easy to explain, other things are not........ <- Store -> <-Freebies->
bagginsbill posted Sun, 04 December 2011 at 3:50 PM
The best security systems are not cracked all the time. It's the not-best ones that are cracked all the time.
Renderosity forum reply notifications are wonky. If I read a follow-up in a thread, but I don't myself reply, then notifications no longer happen AT ALL on that thread. So if I seem to be ignoring a question, that's why. (Updated September 23, 2019)
Blackhearted posted Sun, 04 December 2011 at 3:52 PM
Quote - The sad part about a lot of this is that you don't own any of your software to begin with (Unless you wrote it). Almost all software rights are retained by the creator. Including the right to make you delete it from your system is you are found in violation of the EULA associated with it. Cloud storage violates almost every EULA out there.
in THEORY. putting it into practice is another thing entirely.
good luck enforcing it while your users are running their own local machines.
a small example of this is way back when one of the major content providers tried to enforce a 'special' altered EULA after the fact for a character based on a minor celebrity. in addition to the standard license there were other stipulations that it not be used in certain types of renders - offensive, pornographic, violent, endorsing a product, unflattering (lol), etc. the userbase told them to go pound sand, the company took huge amounts of flak over it, and IIRC soon after they claimed the added restrictions had simply been a 'request'.
had those users been on a cloud, theyd have been completely at the mercy of the company and yanking their rights from under them would have been a trivial affair. in fact, it would have been a simple matter for the company to say 'we have noticed that you have posted an image that violates the EULA for this product. your digital rights to the product have been revoked and your account has been closed'.
cloud computing tips 100% of the control over to the publisher. this is not a good situation for the customer to be in.
SteveJax posted Sun, 04 December 2011 at 4:37 PM
Quote - How is having a file show up on your machine after you buy it, through no action on your part, a bad thing?
Scenario #1: Someone hacks your cloud and replaces one of your "trusted" files with a rabid virus. Your PC automagically grabs it and WHAM! Your back ups are screwed. Your computer is screwed. You're screwed!
I'll stick to having my backups on media that cannot be hacked thank you very much!
bagginsbill posted Sun, 04 December 2011 at 4:51 PM
Quote - > Quote - How is having a file show up on your machine after you buy it, through no action on your part, a bad thing?
Scenario #1: Someone hacks your cloud and replaces one of your "trusted" files with a rabid virus. Your PC automagically grabs it and WHAM! Your back ups are screwed. Your computer is screwed. You're screwed!
I'll stick to having my backups on media that cannot be hacked thank you very much!
This assumes you have bad security - i.e. you are not using client side encryption. You are more likely to be hit by an asteroid than to have a file replaced without your awareness of it. A modified file simply won't make any sense when you bring it down to your computer. It will be recognizable nonsense.
Renderosity forum reply notifications are wonky. If I read a follow-up in a thread, but I don't myself reply, then notifications no longer happen AT ALL on that thread. So if I seem to be ignoring a question, that's why. (Updated September 23, 2019)
mrsparky posted Sun, 04 December 2011 at 6:43 PM
..This assumes you have bad security
By that do you mean blame the end user or are you saying there are totally 100% unbeatable security systems out there?
Either way is bull. Nothing is ever totally unbeatable. Look at how many times DRM is regularly walked around or it bugs the customers so much they either opt out or make a big fuss.
Theres also plently of examples of how if users are annoyed too much, they'll take actions which can become counter productive to security. Like jailbreaking their mobiles.
What you need are simple transparent systems that don't adversely impact the user. Either by EULA or operation. Give them things like the opportunity to back up to hard media, or allow other ways of authentication say ones that don't need the internet.
modus0 posted Sun, 04 December 2011 at 8:40 PM
Quote - They realized that unlike VCR's that World is still Flooded perfectly functional and low cost Standard DVD players and large numbers of people who Do not understand or just don't care about seeing everything in glorious 1080pi.
Not just that, but there are plenty of people (myself included) who don't own a TV set that are capable of "hi-def" viewing, and so buying Blu-ray format movies is pointless.
Until all the TVs that can't handle HD resolution have been replaced you'll continue to see people wanting DVD media.
________________________________________________________________
If you're joking that's just cruel, but if you're being sarcastic, that's even worse.
lmckenzie posted Sun, 04 December 2011 at 11:52 PM
I’m an old fashioned – don’t need no steenkin’ cloud type and I will never store my pr0n in the cloud as long as I have a working HD ÷) I do also see the way things are going though. While there are advantages to having your own water well, electrical generator etc., it simply makes more sense to have those things as centrally maintained utilities and in the long term, I can imagine computing going in the same direction. The problems of universal high speed access and security are difficult but probably not intractable. Outages will be inevitable, but a well designed global infrastructure should minimize them and people will accept that they occasionally happen, just as they do with other utilities. Privacy seems to be a concept that is fading with each new generation. It is a concern for me but if trends continue, I suppose that in 50 years everyone will be content to have a camera shoved up their bums to continually broadcast their intestinal status to the world – and monitored by the gov’t. It does make sense to me though that web hosted 3D applications and content may someday come to pass. Downloading and managing gigabytes of content locally, along with installing and updating applications may make sense today… but if it could be done online, then I can see future users of Adobe ‘Poser Studio 2020’ happily creating scenes with Victoria 12 on their ‘pads while sitting in the park and having them rendered in seconds with the spare cycles of MicroGoogle’s global server farm. Rather than go back and forth in forum messages, you could have someone instantly log onto your scene and show you tweaks etc. Who knows what people would come up with in terms of group collaboration etc. Even as a ‘pry my Vickie from my cold dead hands’ luddite, I can see enormous potential. Remember, you heard it here first ÷)
"Democracy is a pathetic belief in the collective wisdom of individual ignorance." - H. L. Mencken
Dale B posted Mon, 05 December 2011 at 4:53 AM
Now they just have to design the hardware for that....
Code the basic security and keep it working...
Lay out the multi-billion dollar investment to actually =create= the kind of high speed net to handle that traffic load....
Create new laws to avoid unresolved issues like creator's rights vs end user's right, ownership concepts and how they will change...or simply become irrelevant, how much control does the cloud hardware owner(s) actually have over digital information that they never had any true involvement in, the whole structure of contractual law that will get tossed in to rape the sheeple and grow the bottom line......
Tweak existing laws to fit into a framework they were never designed for (I give you the RIAA and MPAA as shining examples of how -that- problem is being addressed)...
Improve the power grid and power production systems overall to handle the load....
Yep.
Gonna be worth it.
Now where is my 'You'll get my data when you pry my hard drive out of my cold, dead hand' bumper sticker.......?
bantha posted Mon, 05 December 2011 at 5:49 AM
I use online storage for backups, I encrypt my files with a good password, using an up-to-date encryption too. It may not be unbeatable, but I think that it's safe enough for my files. Even a bank safe isn't "unbeatable", it's just safe enough so that a serious try to rob it isn't worth it. Too complicated, too expensive, not enough benefit.
But I like to have my files here as well, a "Cloud only" solution would not exactly be that what I want.
A ship in port is safe;
but that is not what ships are built for.
Sail out to sea and do new things.
-"Amazing
Grace" Hopper
Avatar image of me done by Chidori.
Penguinisto posted Mon, 05 December 2011 at 8:43 AM
Quote -
had those users been on a cloud, theyd have been completely at the mercy of the company and yanking their rights from under them would have been a trivial affair. in fact, it would have been a simple matter for the company to say 'we have noticed that you have posted an image that violates the EULA for this product. your digital rights to the product have been revoked and your account has been closed'.cloud computing tips 100% of the control over to the publisher. this is not a good situation for the customer to be in.
This has actually already happened a couple of times, even w/ only a semi-cloud rig,
I know it's going to be pooh-poohed, but consider the following rather not-uncommon bork-ups by remote control:
These aren't hypotheticals - these have actually happened. The third one happened at my former employer's remote production site, costing a few hundred thousand bucks in downtime before the connection was restored (because an incredibly dumbassed Head of IT forcefully told me to "stop worrying" about the realtime production BI system over a WAN, because "we have an SLA for that". All it would've taken on my part was to forward that little recorded IM conversation to the CEO, and he would've been fired that day.)
Anecdote aside, I fully expect these things to happen more often.
Personally, 'the cloud' has its uses. A quickie webhost, some temporary DB expansion, maybe a cool place for your mobile folks to use and grab computing power.
But... woe to the fool who depends on it for storage, or uses any with DRM ("Digital Rights Management") in it. That last part is what has (justifiably) kept me well away from the Kindle. If I don't have locally stored and sync'ed copies under my exclusive control, I don't want it, period.
I own my data and applications, EULAs be damned. I don't (and won't) rent either.
To that end, I use rsync to my home server (runs any everything), and always keep a spare 2TB HDD full of encrypted backups at my Mother-in-law's house. The price of UPS Ground for that is way cheaper overall.
(edited to remove the pre-coffee typos)
shvrdavid posted Mon, 05 December 2011 at 11:13 AM
Quote - The best security systems are not cracked all the time. It's the not-best ones that are cracked all the time.
The ones that are cracked are the ones that have information the hacker can gain the most from. It doesn't have anything to do with the systems in place, it is what is behind it that attracts the hackers.
Anything that contains information someone wants badly enough will get cracked sooner or later.
If you think otherwise, you are sadly mistaken. (No offence, but there is no such thing as hack proof)
Just ask Sony, Steam, any big bank, any government, etc. Servers like that get attacked all the time. Sony has been hacked at least two times since the first one, and that is just what they told reporters. Keep in mind, that was after increasing and changing the security from the first attack. So we know of three different security setups the were cracked in a row. Obviously, they probably were not the best security systems out there. One of them was cracked within hours of going live.
Anonymous (a hacker group) was able to pull over 10 gigabytes of info off of one government server, then corrupt the data before the security in place even noticed it. And they have done it more than once, to different servers with different security setups.
When it comes to encyption, some of it can be cracked in real time, no need to guess what the key is and risk sending a bad one to the server that would trigger a security action.
There is hardware to do 40bit all but instantly, 56 bit takes about an hour or so, 256 takes about a day, etc...
http://www.linuxsecurity.com/resource_files/documentation/hacking-dict.html
Just read the first section of what I linked if you doubt it.
I am not going to explain how to do it, but it can be done, and it is done all the time. There are laws in place to ensure they can be cracked. Sounds strange, but that is unfortunetly the way it is. Open up Internet Explorer and hit about, 256 bit encryption support is the best it will do (US release, releases in some countries have lower bit support.). That is governed by a law as a balance of safe, but still easily crackable. There are ways to do connections beyond 256 bit, they just take longer to crack the encryption.
If you make something more hack proof, you will just attract a better hacker than the system you put in place. The more locks you put on it, the more they will want to know what is behind it.
Its a sad truth, and it happens all the time.
Maybe someday there will be a way to make something hack proof, but those days are far off into the future. And it will all but require scrapping the current TCP/IP way of doing internet connections to pull it off. TCP/IP is just too limited. Syn cookies, TCPCT, and other tricks help, but also point right at how part of the security is set up.
Some things are easy to explain, other things are not........ <- Store -> <-Freebies->
Blackhearted posted Mon, 05 December 2011 at 11:32 AM
"When it comes to encyption, some of it can be cracked in real time, no need to guess what the key is and risk sending a bad one to the server that would trigger a security action.
There is hardware to do 40bit all but instantly, 56 bit takes about an hour or so, 256 takes about a day, etc..."
"I am not going to explain how to do it, but it can be done, and it is done all the time. There are laws in place to ensure they can be cracked. Sounds strange, but that is unfortunetly the way it is. Open up Internet Explorer and hit about, 256 bit encryption support is the best it will do (US release, releases in some countries have lower bit support.). That is governed by a law as a balance of safe, but still easily crackable."
where is the facepalm smiley*?
Blackhearted posted Mon, 05 December 2011 at 11:47 AM
how about we make a deal:
i will send you a compressed 7-zip file. in this *.7z file will be a document, and that document will contain a phrase.
i will not use anything stronger than 256 bit encryption.
if you tell me what that phrase is, i will cut you a cheque for $1000.
im not going to hold you to your 'easily crackable in one day' statement. how about a year? you can have an entire year to provide me with the phrase. if in that time you dont provide the phrase, you send me a cheque for $100.
do we have a deal?
shvrdavid posted Mon, 05 December 2011 at 11:49 AM
Quote - where is the facepalm smiley*?
lol... I didn't say I have the machines, but they are out there...
Some things are easy to explain, other things are not........ <- Store -> <-Freebies->
shvrdavid posted Mon, 05 December 2011 at 1:06 PM
Just as an example of what can be done if you have the resources.
There was an article published about all the stuff the seal team 6 took in the raid in Pakistan. The article was on May 5th 3 days after the raid. There was another article about a week later disclosing that a lot of it was AES-256 bit encrypted and would take some time to decypher using the "brute force" method.
On June 8th they announced 95% of it was decyphered.
Didn't take them too long did it....
Some things are easy to explain, other things are not........ <- Store -> <-Freebies->
bagginsbill posted Mon, 05 December 2011 at 1:39 PM
If you choose "pickle" as your password, behind which you have your 256-bit key hidden, then it will be cracked in 30 seconds. This has absolutely nothing to do with 256-bit keys.
On the other hand, you will not crack my password in millions of years, because it looks like this:
1603478w3bcefe8g7rtf7wfe88rg8r7g
There's a lot of people talking here who don't actually represent the considered opinion and knowledge of a cryptographer. Caveat emptor.
Meanwhile, read this and explain to me again what you actually know and have evidence of versus what you would like to believe because it tickles you to think that really smart people are baffled and you're not.
http://www.theregister.co.uk/2010/06/28/brazil_banker_crypto_lock_out/
Renderosity forum reply notifications are wonky. If I read a follow-up in a thread, but I don't myself reply, then notifications no longer happen AT ALL on that thread. So if I seem to be ignoring a question, that's why. (Updated September 23, 2019)
bagginsbill posted Mon, 05 December 2011 at 1:41 PM
Or how about this bit of "ground breaking news"
http://www.theregister.co.uk/2011/08/19/aes_crypto_attack/
A weakness has been found!!! AES can be cracked in only 20 trillion years instead of 100 trillion years. Yay.
Renderosity forum reply notifications are wonky. If I read a follow-up in a thread, but I don't myself reply, then notifications no longer happen AT ALL on that thread. So if I seem to be ignoring a question, that's why. (Updated September 23, 2019)
bagginsbill posted Mon, 05 December 2011 at 1:43 PM
Who here knows the difference between:
no chance
one chance in a billion
?
Where did I ever say crypto was unbreakable? I also have said many times that it is very unlikely to die in a plane crash. You can't refute that by saying it's not impossible. Nobody said it's impossible to die in a plane crash, so that refutation is pointless.
Similarly, it is incredibly unlikely that all the computers in the world working together can credibly break into a properly assembled crypto system. Far easier is to just beat it out of an administrator.
But if you hold the keys, and the cloud admins do not, then you only have to fear that you will give up the keys.
Saying that there is no crypto that is unbreakable is not saying anything at all. We know there is no unbreakable crypto. If you can survive past the age of the universe, you can indeed crack any crypto. If ...
Renderosity forum reply notifications are wonky. If I read a follow-up in a thread, but I don't myself reply, then notifications no longer happen AT ALL on that thread. So if I seem to be ignoring a question, that's why. (Updated September 23, 2019)
Blackhearted posted Mon, 05 December 2011 at 2:03 PM
http://www.webcitation.org/5rocpRxhN
Quote - Ah, but what about the dreaded massively distributed cracking brute force method for attacking something like 128 bit RC5 encryption? There are massive zombie farms of infected computers throughout the world and some may have gotten as big as 1 million infected computers. What if that entire army was unleashed upon the commonly used 128 bit RC5 encryption? Surprisingly, the answer is not much. For the sake of argument, let’s say we unleash 4.3 billion computers for the purpose of distributed cracking. This means that it would be 4.3 billion or 2 to the 32 times faster than a single computer. This means we could simply take 2 to the 128 combinations for 128-bit encryption and divide it by 2 to the 32 which means that 2 to the 96 bits are left. With 96 bits left, it’s still 4.3 billion times stronger than 64 bit encryption. 64 bit encryption happens to be the world record for the biggest RC5 bit key cracked in 2002 which took nearly 5 years to achieve for a massive distributed attack. Now that we know that the distributed attacks will only shave off a few bits, what about Moore’s law which historically meant that computers roughly doubled in speed every 18 months? That means in 48 years we can shave another 32 bits off the encryption armor which means 5 trillion future computers might get lucky in 5 years to find the key for RC5 128-bit encryption. But with 256-bit AES encryption, that moves the date out another 192 years before computers are predicted to be fast enough to even attempt a massively distributed attack. To give you an idea how big 256 bits is, it’s roughly equal to the number of atoms in the universe!
millighost posted Mon, 05 December 2011 at 2:33 PM
I think to be successful, a cloud service must provide some real benefits over a local installation (i think that was the OP's intention, too). If all one would gain, is to save oneself from unpacking a zipfile or execute an installer there would be very little benefit, because the major work is not the unpacking, but rather for example the very common "missing texture" or "missing obj"-errors. If a solution for these would be included, perhaps someone would actually pay for it. Otherwise everything one would gain would be a slightly better ftp service. But that would require to make all this content available to actually work together and i have my doubts if this could be accomplished by unleashing all those 100s of content vendors into, e.g. one big cloud filesystem and letting them install their things (given the fact that a significant amount of content vendors are incapable of installing just one or two of their own packages without producing any errors).
Blackhearted posted Mon, 05 December 2011 at 2:45 PM
personally with regards to installers, i would like to see poser be able to handle simple compressed containers which hold ALL of the associated files for a product, rather than each product littering your runtime with hundreds of files and folders.
a poser user should be able to just buy a product .ZIP and place that .ZIP file into a 'Runtime' folder which they could organize how they like. INSIDE the .zip we have the same runtime structure as our product zips have now (or you could have Poser search for required files automatically within the zip) - however the end user would not have to unzip, they could just leave it in the 'container'. similar to how compressed .ROMs are handled by emulators.
the application (poser) would read the files in this runtime folder (a cache could be created to speed up startup). decompressing textures, geometries, etc on the fly with modern processors would be a trivial task.
since OBJ, CR2, TIFF, etc files often compress to 10% their uncompressed size, this would immediately shrink runtimes to a fraction of their size. in addition, it would improve drive performance - especially for NTFS and flash based drives.
installing, uninstalling, reinstalling, archiving, etc would simply be a matter of moving a ~10 meg .ZIP container around. UPDATING a product would be a breeze since you would simply need to overwrite the .ZIP.
im not a software engineer - in fact im not a technical brain at all. but i dont see why this would not be possible?
millighost posted Mon, 05 December 2011 at 2:48 PM
Quote - ... A weakness has been found!!! AES can be cracked in only 20 trillion years instead of 100 trillion years. Yay.
Oh, what a pity :-( In this case i would rather wait until until my hacking victim makes a mistake. Usually happens much faster than that...
shvrdavid posted Mon, 05 December 2011 at 2:50 PM
lol, you make a good point BB.
Most people do not use passwords like you posted, and if they did, it would make cracking harder to do. Brute force cracking is a last resort, and does take a long time simply because of the shear number of possibilities. I would asume that the stuff that was cracked so fast was cracked by the dictionary method, or the key was found within the information obtained. Who knows, they may have beaten it out of someone as well.
For what you are doing, I would assume that it is going to use RSA, which is far superior to ASE. Cracking RSA would require much more time, and many governments have tried to pass legislation to limit its use. Or to make the keys available to other agencies.
Thankfully that hasn't happened, but they are at it again.
People are pushing the SOPA thing again, and you can bet that they will sneak other things in it later. The base idea ot SOPA is a great idea. It will help our economy, cut down on piracy etc. But giving the Justice Department complete control over it might not be. Considering that they are one of the the ones that wanted access to the encryption keys to begin with.
And just to get you thinking....
As far as times for cracking ASE? The record for 40 bit is .0002 seconds. and that was set years ago by a team bent on proving the flaws in DES.
These people that did it are here: https://www.eff.org/
TSWG has had software for cracking 256 bit for years, with this http://www.tswg.gov/subgroups/isf/electronic-evidence/products.html (with their Counter-Encryption Tool) I have no idea why they even posted info on it. At least they took some of the info off of the site that really should not have been there to begin with.
How long do you think your password would hold up to a system like that?
I would guess "not long" would be the correct answer.
Do you actually think they would still get funding if none of it worked? I think not.
And if it didn't work, no one would use it.
For a tool that the Department of Defense funds, and most branches of the US government now use because it works, anyone that thinks it doesn't work is misinformed.
Some things are easy to explain, other things are not........ <- Store -> <-Freebies->
Blackhearted posted Mon, 05 December 2011 at 3:16 PM
"TSWG has had software for cracking 256 bit for years, with this http://www.tswg.gov/subgroups/isf/electronic-evidence/products.html (with their Counter-Encryption Tool) I have no idea why they even posted info on it. At least they took some of the info off of the site that really should not have been there to begin with.
How long do you think your password would hold up to a system like that?"
did you not read my post?
"I would guess "not long" would be the correct answer."
only if your definition of 'not long' is measured in centuries, even accounting for moore's law. i suppose if you look at human evolution as a whole, a couple centuries is 'not long' at all.
ehliasys posted Mon, 05 December 2011 at 3:34 PM
Poser content in a cloud? what a funny idea! absurd, but funny. :lol:
bagginsbill posted Mon, 05 December 2011 at 3:47 PM
It's not absurd and I've actually been thinking about how I might set it up for distributing my own stuff.
I am always tweaking and improving things. People are always trying to stay up to date with my shaders. Thousands upon thousands of people experience one or more of the following:
They don't know how to install shaders
They don't know how to update shaders
They don't know or have troubling unzipping shaders
They are unaware that I updated a shader and published new versions
They get confused when I post useful variations and then they mix them up and think they're using a particular variant but they're still using the first one they got.
Etc.
Now imagine a different world:
You install "Ted's Magic Cloud Runtime" software.
You activate it to synchronize to my "Bagginsbill-Freebie" runtime - everything I have ever published, already installed properly. Further, as I make new things, I put them in there.
The Magic Cloud software keeps your local copy local, but synchronized so that updates and additions that I put in my runtime show up in your copy automatically.
All you have to do is join the network once in a while and your copy will be updated and instantly ready to work in Poser because it is a full runtime - just like the ones you have now. It's local, not cloud based. The cloud part has to do with distribution, not storage.
I think people would absolutely love this.
Renderosity forum reply notifications are wonky. If I read a follow-up in a thread, but I don't myself reply, then notifications no longer happen AT ALL on that thread. So if I seem to be ignoring a question, that's why. (Updated September 23, 2019)
shvrdavid posted Mon, 05 December 2011 at 4:09 PM
I really hate to break this to you, but todays gpu's, can generate every key possiblilty rather quickly. Over a million per stream processor, per second.
My workstation has 3200 stream processors, do the math.
Now gang entire networks of them together.
Your ZDNET article you quoted also mentioned that other forms of encryption with even higher bits have been cracked, but you conveniently left that part out. And that happens to be RSA encryption that was cracked on the universities networks. No super computers involved, a rather small network, and they cracked it.
http://www.zdnet.com/blog/ou/is-encryption-really-crackable/204
Gpu's have proven that moores law does not always apply.
So if you want to stay on the moores law bandwagon, don't even look at how fast the new gpus are.
Some things are easy to explain, other things are not........ <- Store -> <-Freebies->
Blackhearted posted Mon, 05 December 2011 at 4:19 PM
^my challenge still stands. its an easy $1000 for you :)
shvrdavid posted Mon, 05 December 2011 at 4:24 PM
BB, I think a lot of people would like that as well.
When it comes to shaders, you know far more about it than most people do.
One of the best parts, is that you share your knowledge with people, that is something you don't see every day. And that has helped many people.
Having a way to add your runtime stuff like that would help a lot of people out.
Quote - It's not absurd and I've actually been thinking about how I might set it up for distributing my own stuff.
I am always tweaking and improving things. People are always trying to stay up to date with my shaders. Thousands upon thousands of people experience one or more of the following:
They don't know how to install shaders
They don't know how to update shaders
They don't know or have troubling unzipping shaders
They are unaware that I updated a shader and published new versions
They get confused when I post useful variations and then they mix them up and think they're using a particular variant but they're still using the first one they got.
Etc.
Now imagine a different world:
You install "Ted's Magic Cloud Runtime" software.
You activate it to synchronize to my "Bagginsbill-Freebie" runtime - everything I have ever published, already installed properly. Further, as I make new things, I put them in there.
The Magic Cloud software keeps your local copy local, but synchronized so that updates and additions that I put in my runtime show up in your copy automatically.
All you have to do is join the network once in a while and your copy will be updated and instantly ready to work in Poser because it is a full runtime - just like the ones you have now. It's local, not cloud based. The cloud part has to do with distribution, not storage.
I think people would absolutely love this.
Some things are easy to explain, other things are not........ <- Store -> <-Freebies->
millighost posted Mon, 05 December 2011 at 4:55 PM
Quote - I really hate to break this to you, but todays gpu's, can generate every key possiblilty rather quickly. Over a million per stream processor, per second.
My workstation has 3200 stream processors, do the math.
...
Um, that would be 3200 * 1000000 = 3.210^9 keys per second, or in other words, to guess baggingsbills key (who conveniently only seems to use keys consisting of 32 letters and digits as posted above), you need only 36^32 / 3.210^9 / 2 =~ 10^40 seconds on the average. Sounds much easier than a discouraging "billion years", doesn't it?
shvrdavid posted Mon, 05 December 2011 at 5:04 PM
Quote - Um, that would be 3200 * 1000000 = 3.210^9 keys per second, or in other words, to guess baggingsbills key (who conveniently only seems to use keys consisting of 32 letters and digits as posted above), you need only 36^32 / 3.210^9 / 2 =~ 10^40 seconds on the average. Sounds much easier than a discouraging "billion years", doesn't it?
lol, but your assuming you need every key, you only need the one that unlocks it, which would narrow that down just a tad. The college kids did it with much higher bit length, and it didn't take them long at all. Which took the "billions years" theory and threw it right out the window.
Or you could just assume that they did not do what the proved they did, and hop back on the "billion year" thing.
Some things are easy to explain, other things are not........ <- Store -> <-Freebies->
Blackhearted posted Mon, 05 December 2011 at 5:09 PM
did what? break 64-bit encryption in a 5 year span using distributed computing?
we are talking 128 bit, 256 bit - each billions of times as strong as the last.
Quidnunc posted Mon, 05 December 2011 at 5:46 PM
Please don't confuse GPU computations with CPU. Although a GPU can have thousands of individual processors, they are much slower than a CPU for the equivalent calculation, and have to be supervised, which results in considerable overhead. (Amdahl's Law), and suffer other limitations.
The basic rules of computation still apply.
In any case, most cracking records are set in circumstances that offer opportunites that seldom exist in reality, where delays are the norm and lock outs for incorrect passwords are applied.
Plus, how likely is it that some criminal mastermind is going to use the entire resources of his zombie computer army for several years to get his hands on your copy of V4?
I think BB's vision is very welcome. Just think of well maintained freeware libraries that we could automatically sign up to and access from anywhere. Bring it on!
shvrdavid posted Mon, 05 December 2011 at 5:52 PM
Read the article, they broke 512 bit and 660 bit RSA encryption, which by your own math would be exponentially harder to break than 256 bit. And they cracked both versions. Once that was announced, the RSA Challenge was retracted, full well knowing that if they could crack 512 and 660, they could crack all of them on the list. They did manage to get almost 40k out of the challenge, but they wont get any more due to the fact that is is easily crackable now. RSA-768 was the last prize awarded, then retracted before payment.
Quote - did what? break 64-bit encryption in a 5 year span using distributed computing?
we are talking 128 bit, 256 bit - each billions of times as strong as the last.
Some things are easy to explain, other things are not........ <- Store -> <-Freebies->
bagginsbill posted Mon, 05 December 2011 at 7:54 PM
shvrdavid,
I don't mean to offend, but you are not relaying facts with any accuracy. They did not break 512 bit and 660 bit RSA encryption. What they did was factor a 512 bit integer. Not at all the same thing.
Public key encryption incorporates two numbers that are related according to the factors of a very large number. This is not at all the same as the factors themselves being guessed.
While it is possible to factor a 512 bit number in a reasonable amount of time, it is not at all possible to guess a 256 bit random number in the same amount of time. It is these 256 bit random numbers that are used for AES 256 session keys, and other similar symmetric crypto systems.
256-bit fails when the pattern is not random, but is produced as a function of a simple password - often a stupid simple word out of the dictionary. In such cases, one does not have to guess the full 256-bit number. One only has to guess the word used to generate it, and to know the algorithm to convert the word to the 256-bit number. Failure to recognize this form of vulnerability is the primary factor in permitting dictionary attacks on 256-bit encryption in something less than the age of the universe. You're no longer encoding any value from all possible 256-bit values. Instead, it's only about 20 bits. Even if you use a phrase of two or three words, you're still less than 50 bits.
Hybrid crypto systems combine the public key with the symmetric key systems. Also, I can easily cascade several layers of these together, creating the equivalent of 1024 bit keys. Even if we double computing speeds, and double the number of computers, for 1000 years, you will not be able to crack these.
Really - I can't go explain the whole theory of cryptography, in order to get you to believe that you're not explaining anything correctly. But that's what it would take.
Seriously, I have been hired by a very respectable and well-known company in the encryption space, a company that protects the financial data of the majority of banks in America. I can assure you that you cannot crypto-analyze their data in anything less than the remaining age of the universe. They do not need me to design crypto for them - they need to me to make it easy to use and to make it transparent so ordinary humans can use it well.
Yes, there are individual incidents involving the crypto equivalent of "morons" who associate their keys with easily guessed passwords. These examples are in no way representative of the state of the art. I assure you, that if you "do the math", you will find that even if you have 1 trillion computers, each with 3,200,000 GPU elements, you still could not break the 256 bit encryption before you are dead.
Also, I cannot explain more about the product I'm working on, but it is groundbreaking and really does work to bring solid encryption to the masses. The government will not be able to read your stuff with a subpeona to Amazon after I'm done.
Renderosity forum reply notifications are wonky. If I read a follow-up in a thread, but I don't myself reply, then notifications no longer happen AT ALL on that thread. So if I seem to be ignoring a question, that's why. (Updated September 23, 2019)
bagginsbill posted Mon, 05 December 2011 at 8:09 PM
Quote - I really hate to break this to you, but todays gpu's, can generate every key possiblilty rather quickly. Over a million per stream processor, per second.
My workstation has 3200 stream processors, do the math.
I did the math.
3200 processors at 10^6 keys per second operating for one year can analyze about 10^17 keys per year.
Converting that to bits, it can try all combinations of 56 bits in one year. With me so far?
The math is:
log(3200 * 10^6 * 3600 * 24 * 365) / log(2) = approximately 56
Now let's assume you had one trillion of these. Now you can scan 96 bits in a year.
Now let's assume you apply Moore's law for 150 years and you double the power every 18 months for 150 years. You now have the ability to scan, in one year, 196 bits. But remember, that is 150 years from now.
[The math:
3200 GPU
10^6 keys per second
3600 seconds per hour
24 hours per day
365 days per year
10^12 (one trillion) computers at work in parallel
processor speed doubles 100 times (150 years from now, doubling every 18 months)
log(3200 * 10^6 * 3600 * 24 * 365 * (10^12)* (2^100)) / log(2) = 196.349
]
OK, so 150 years from now we can guess a 196 bit key in a year, using one trillion computers all working on the same problem.
How long, on average, till you guess the 256-bit key?
In years: 1.153 * 10^18
This is still longer than the age of the universe, by many orders of magnitude.
And if that isn't good enough, I'll simply doubly encrypt with 512 bits and now it's longer than the age of the universe repeated for every atom in the universe.
Math is amazing, isn't it?
Renderosity forum reply notifications are wonky. If I read a follow-up in a thread, but I don't myself reply, then notifications no longer happen AT ALL on that thread. So if I seem to be ignoring a question, that's why. (Updated September 23, 2019)
pjz99 posted Mon, 05 December 2011 at 8:41 PM
shvrdavid posted Mon, 05 December 2011 at 8:46 PM
Your math is missing some key points. You only need one key per level. You don't need to create all of them, you only need to create the one that works. If you had a trillion computers all doing it, your math assumes they are all doing the exact same thing, and they would not be. Each one would be starting at a different point. Your equations do not take that into account at all.
Math is amazing.
But your math is lacking when it comes to parallel equations. You completely left out the fact that all of the computers would not start at the same point. Suddenly all those computers are far more efficent than the math that you posted. A trillion times to be exact.
I am not going to argue about it, you say it cant be done, so it must be gospel then.
Some things are easy to explain, other things are not........ <- Store -> <-Freebies->
Winterclaw posted Mon, 05 December 2011 at 8:58 PM
Quote - It's not absurd and I've actually been thinking about how I might set it up for distributing my own stuff.
I am always tweaking and improving things. People are always trying to stay up to date with my shaders. Thousands upon thousands of people experience one or more of the following:
They don't know how to install shaders
They don't know how to update shaders
They don't know or have troubling unzipping shaders
They are unaware that I updated a shader and published new versions
They get confused when I post useful variations and then they mix them up and think they're using a particular variant but they're still using the first one they got.
Etc.
Now imagine a different world:
You install "Ted's Magic Cloud Runtime" software.
You activate it to synchronize to my "Bagginsbill-Freebie" runtime - everything I have ever published, already installed properly. Further, as I make new things, I put them in there.
The Magic Cloud software keeps your local copy local, but synchronized so that updates and additions that I put in my runtime show up in your copy automatically.
All you have to do is join the network once in a while and your copy will be updated and instantly ready to work in Poser because it is a full runtime - just like the ones you have now. It's local, not cloud based. The cloud part has to do with distribution, not storage.
I think people would absolutely love this.
Or someone could figure out how to set up an RSS feed twitter account that alerts them every time you post a new material somewhere and they can run off and DL it. Your suggestion would be useful in the shorter run for some people but aside from versions (have a version in the name perhaps?) I think learning how to unzip something and install or update a shader would be better in the long run.
WARK!
Thus Spoketh Winterclaw: a blog about a Winterclaw who speaks from time to time.
(using Poser Pro 2014 SR3, on 64 bit Win 7, poser units are inches.)
Blackhearted posted Mon, 05 December 2011 at 9:22 PM
this is actually a pretty interesting article on harnessing the stream processors of multiple GPUs (in this case 8) for brute forcing.
incidentally i used the same trick hes using to build a christmas present for someone -- putting together an HTPC for her and i used the PCIe x1 riser trick to get a PCIe x16 GT 440 running on a Mini-ITX board that had no x16 slot :)
Blackhearted posted Tue, 06 December 2011 at 1:55 AM
incidentally, all files were generated on another machine running from a LiveCD with a RAMdrive, so no saved/cached/temp copies exist, and i dont know, nor did i save or write down the password. in fact i could not even tell you how many characters it is. so any sortof black bag cryptanalysis would be useless since theres no way of recovering the password/key short of directly attacking the encrypted file itself.
have fun :)
(rename to *.7z since the rosity forum does not count it as a valid extension)
Penguinisto posted Tue, 06 December 2011 at 9:24 AM
Heh.
Crypto is a mixed bag; there are basically three ways to pop the cherry, so to speak...
Method #1: Hammering it from the front door is going to take a long time, so long as the passphrase wasn't "12345", or you don't have a supercomputing cluster to throw at the problem. OTOH, there are methods that don't involve testing one password at a time, such as Rainbow Cracking , where you use partially digested hashes as your base table.
Method #2: If you attack the application that encrypted the data, and if there are indeed flaws in that application, the crypto comes apart in very short order. This is what happened with Microsoft's SAM (Security Account Manager) database, which is how most folks' local OS logon passwords are encrypted. It is also why, if someone has physical access to your machine, it's 'game over' in no time at all.
Method #3: If you attack it by process (that is, you look for flaws in the mathematical process used to encrypt the data), and if there are indeed flaws, it can be cracked in relatively short order. Let me give you a small example of that approach here (PDF warning).
As you can see, brute force is only one of many means to get in.
The trade-off is time/effort vs. benefit. If the results aren't worth the time, then it can be considered relatively secure.
This changes as the variables do... for instance, if I were criminally-minded and Blackhearted's little wager netted me full access to a $1m USD bank account, you bet your ass I'd try to break it, but only for as long (and with as much) as I could reasonably spend - especially if netting that same million bucks could be had much easier by doing something else (e.g. steal credit card data from multiple people and recruiting mules to launder the money).
If I were a government, popping the crypto on a rival government's secrets would be well worth throwing millions (if not billions) of dollars into a means to break in, and time is no object.
OTOH, if I wanted to hijack some schmoe's DNS server to make a couple of bucks in a viagra scam, I'm not going to waste too much time trying to crack a FreeBSD/BIND rig that only gives me three tries before locking my IP addy from ever getting in again - I can move on to someone else who is using Windows Server 2008R2 with default settings and a crappy password.
Now... as for "da cloud!!!111!!OAMGBBQWTFPONIES!, patent pending, etc"? Meh - depends on what I get out of it, looking at it from a criminal viewpoint. If it only means downloading some vickie bits on the sideor some pr0n, screw that - there's more than enough of both for free out there. If it means stealing some compute time and hiding tracks for a bigger criminal project, okay... but I'd first be lazy about it and go phishing for passwords, or pass around a trojan that logs keystrokes. Breaking crypto comes way, way later, after all the lower-hanging fruit has been picked.
So what were we talking about again? I'm hoping 3d linux fembots with a penchant for evil, but I'll settle for anything that's not yet another 'OAMG teh V5 iz teh appocalypz!' thread... those are getting kinda stale, yanno?
Blackhearted posted Tue, 06 December 2011 at 10:59 AM
incidentally, i dont recommend taking my wager :)
im just being a prick because he said 256 bit encryption was trivial to break.
even if by some miracle you managed to brute force the potentially up to ~64 character password (potentially with upper/lowercase letters, numbers and symbols) or break the 256-bit AES encrypted container, inside youd just find a word document thats also 256-bit AES encrypted (hey, i never said it wouldnt be). lol.
every computer in the world working together 24/7 in a massive distributed attack couldnt brute force that in a year.
stewer posted Tue, 06 December 2011 at 11:07 AM
Quote - incidentally, i dont recommend taking my wager :) im just being a prick because he said 256 bit encryption was trivial to break.
It simply depends on what encryption. 256 bit is tiny for asymmetrical encryption, but large for a proper symmetrical encryption. You should definitely not use 256 bits for your PGP key size, but for TrueCrypt AES it's rock solid. Unless someone finds a serious flaw in the AES algorithm, discovers a math breakthrough (P=NP) or invents quantum computing, AES-256 can be considered secure for lifetimes, parallel computing or not.
FrankT posted Tue, 06 December 2011 at 1:43 PM
Somebody might need to go read some books by Bruce Schneier
(something tells me BB might well know him :biggrin: )
That's a guy who knows his encryption
bantha posted Fri, 09 December 2011 at 8:40 AM
If you want to get a good introduction in the whole subject, have a look at Simon Singh's "The Code Book: The Secret History of Codes and Code-breaking". Heavily recomended.
A ship in port is safe;
but that is not what ships are built for.
Sail out to sea and do new things.
-"Amazing
Grace" Hopper
Avatar image of me done by Chidori.
MistyLaraCarrara posted Fri, 09 December 2011 at 10:02 AM
I'd like to be able to send to a Render Q in the cloud that could return hi res renders of my .pz3s, that my local pc can't finish rendering.
♥ My Gallery Albums ♥ My YT ♥ Party in the CarrarArtists Forum ♪♪♪ 10 years of Carrara forum ♥ My FreeStuff
Blackhearted posted Fri, 09 December 2011 at 10:10 AM
^bandwidth usage would be quite high. in order to implement that you would need to be using compression - most of the Poser formats we use (scenes, cr2s, tiffs, etc) can often compress to about 10% their original size. youd also run into issues where the host would require all of the content that you are rendering - which in some cases can be really obscure, sometimes unavailable content. either that or risk violating EULAs by transmitting the files to an offsite server.
MistyLaraCarrara posted Fri, 09 December 2011 at 10:16 AM
the Render Q(continuum) throws that lil temp .pz3. if it could throw an all inclusive pz3 in powerful encryption level files ... and the service would have to cost less than buying an I7 PC. (and you were allowed to use your day jobs T1s to upload)
♥ My Gallery Albums ♥ My YT ♥ Party in the CarrarArtists Forum ♪♪♪ 10 years of Carrara forum ♥ My FreeStuff
Blackhearted posted Fri, 09 December 2011 at 10:58 AM
its not just the .pz3 but every texture, geometry, etc. some scenes and their related files could get up to a gig. even if you could compress that before transfer to use 1/10th of that its still a lot of back and forth data.... and the licensing issue would still present a problem.
btw if renders bogging down your comp is a problem - have you considered putting together a dedicated rendering box? the price is not that prohibitive, and in the long run it would save money over paying someone else/renting server time to render. i dont even have mine hooked up to a monitor, it just sits in the corner and i access it via remote desktop.
assuming you use onboard video (perfectly sufficient for a rendering machine), toss it in an old case and hook up any old HDD you have laying around (its not a good time to buy HDDs right now):
Phenom II X6 1090T boxed processor - $165
8GB DDR3 1600 - $30
Antec Neo Eco 520W PSU (rebranded SeaSonic) - $50
midrange ASUS ATX mobo - ~$80
Enzotech MOS-C10 mosfet heatsinks - $15
~$340 + tax.
the boxed heatpipe cooler on that Phenom X6 should get you to at least 3.8ghz on stock voltage, and equates to impressive rendering performance. you could put something together even cheaper but i wouldnt bother.
if a remote rendering service charged only ~$25 a month, you could build your own little rendering box for roughly the same cost for one year.
bagginsbill posted Fri, 09 December 2011 at 1:12 PM
Daz_Rand posted today in another thread here at Rendo that the future of Daz content is no-zip no-exe, cloud-based, app-store-like transparent installation. You buy it, then it's in your content library. Let the flaming begin.
Renderosity forum reply notifications are wonky. If I read a follow-up in a thread, but I don't myself reply, then notifications no longer happen AT ALL on that thread. So if I seem to be ignoring a question, that's why. (Updated September 23, 2019)
bagginsbill posted Fri, 09 December 2011 at 1:15 PM
In theory, a vendor-approved render farm could be done like this:
Vendor X decides to support the farm. She uploads all her commercial content to the farm.
Customer Y has a product from vendor X in her scene. Using digital signatures, she verifies to the farm that her content is legal, and exactly the same as the copy on the service. (Such as a texture file.)
Having verified that the files are the same, there is no need to transmit the vendor X content to the render farm - it's already there - and the digital signature authorizes customer Y to use it in her render without transmitting it.
This would mean the bandwidth problem would go away.
Renderosity forum reply notifications are wonky. If I read a follow-up in a thread, but I don't myself reply, then notifications no longer happen AT ALL on that thread. So if I seem to be ignoring a question, that's why. (Updated September 23, 2019)
MistyLaraCarrara posted Fri, 09 December 2011 at 2:03 PM
Quote - Daz_Rand posted today in another thread here at Rendo that the future of Daz content is no-zip no-exe, cloud-based, app-store-like transparent installation. You buy it, then it's in your content library. Let the flaming begin.
I don't even like the content tab in Poser.
♥ My Gallery Albums ♥ My YT ♥ Party in the CarrarArtists Forum ♪♪♪ 10 years of Carrara forum ♥ My FreeStuff
Penguinisto posted Fri, 09 December 2011 at 2:14 PM
Quote - Daz_Rand posted today in another thread here at Rendo that the future of Daz content is no-zip no-exe, cloud-based, app-store-like transparent installation. You buy it, then it's in your content library. Let the flaming begin.
What's to flame? From a PA (and company) standpoint, it may even cut down on piracy (as in - good luck scooping up all the pieces for a given package and passing that around). I assume you can still drop in external content, so no diff there.
I suspect the files just download into your content folder, and you (hopefully) get to pick where the important bits go in your file structure.
Interesting concept, nonetheless.
mrsparky posted Sat, 10 December 2011 at 3:51 PM
This would mean the bandwidth problem would go away.
Fair point - though you resolve the big issue of when theres no internet connection?
I've bought stuff before that needs to be authenticated online when installing. Gone to reinstall and they've either gone bust. Or worse still decided they don't want anyone to use that version anymore, you have to pay extra.
Simple serial number ? No problem.
bagginsbill posted Sat, 10 December 2011 at 5:19 PM
Quote - This would mean the bandwidth problem would go away.
Fair point - though you resolve the big issue of when theres no internet connection?
You're thinking about something in a way I'm not seeing. How would you be using a commercial render farm to set up a render, yet you have no internet connection? I thought we were talking about using a render farm and the problem of passing tons of data to the farm. My suggestion of not passing the data, but just proving you could, would avoid having to move the data.
Quote - I've bought stuff before that needs to be authenticated online when installing. Gone to reinstall and they've either gone bust. Or worse still decided they don't want anyone to use that version anymore, you have to pay extra. Simple serial number ? No problem.
Again, we're not speaking about the same scenario as I do not understand what you're talking about. I suggested that you prove, via digital signature (like a serial number but more sophisticated) that you have the right to use certain content on the remote render farm without actually transmitting it. This has nothing whatsoever to do with the vendor - he/she can be out of the picture altogether. This is similar to those strategies involving add-ons to V4 that do not involve actually transmitting a copy of V4. The user must already have a copy.
This is not unlike proving who you are using public key cryptographic signatures. It's a strategy where you prove you are who you say you are (or in this case you have what you say you have) by doing a math calculation that could be done by nobody else, but can be verified by everybody.
This notion of avoiding transmission of a file that is already on the server (stored there by somebody other than you, sometime in the past) is called deduplication. It is a strategy employed by DropBox to avoid uploading files that they already got from somebody else. If you attempt to upload a song you own, for example, and somebody else already uploaded the same song (and they own it too, presumably) then the server tells your PC "never mind, I got that already" and it just marks you down as owning a copy of it at the server. You still have your local copy, but you never need to send it again.
Renderosity forum reply notifications are wonky. If I read a follow-up in a thread, but I don't myself reply, then notifications no longer happen AT ALL on that thread. So if I seem to be ignoring a question, that's why. (Updated September 23, 2019)
mrsparky posted Sat, 10 December 2011 at 8:41 PM
Again, we're not speaking about the same scenario as I do not understand what you're talking about.
Under your scenario, yes you'd clearly need to authticate that user and yes the kinda encrption systems you talk anout would obviously be more than sufficent to protect stuff. Thats a no brainer.
What I was talking about was what you described here...
"... is no-zip no-exe, cloud-based, app-store-like transparent installation."
..there users have to be constantly connected to use it or download stuff, then the moment your connection fails (or the company decides you're not welcome) it's game over.
There what you need is a safety net/mechanism so the user can contine to work off-line if required. Kinda like how we work now, we buy products in zips, we use them offline and theres a copy in the cloud if we need a duplicate.
Blackhearted posted Sun, 11 December 2011 at 9:02 AM
the problem with a cloud based system is that it shifts so much power/control into the hands of the developer that theyll eventually want to use it exclusively for DRM. one has only to look at how developers abuse DRM, closed platforms, etc currently on the market to see what a nightmare this could turn into.
Ubisoft went to a cloud based save system under the guise of 'convenience', and look what we have? Draconian DRM theyre applying across all their releases. you MUST be online and logged into Ubisoft servers in order to play an Ubisoft title. if your internet connection momentarily disconnects, you get kicked back to the game menu. if their master server is down, noone who purchased the game can play it.
why the hell customers would stand for this - and get sucked into scenarios like this - just blows my mind. we should be fighting oppressive DRM schemes at every turn - not encouraging companies to use them.
and yes i know that this thread is just a suggestion for a rendering service - but its the perfect setup for such a DRM scheme.
wolf359 posted Sun, 11 December 2011 at 9:26 AM
"Ubisoft went to a cloud based save system under the guise of 'convenience', and look what we have? Draconian DRM theyre applying across all their releases. you MUST be online and logged into Ubisoft servers in order to play an Ubisoft title. if your internet connection momentarily disconnects, you get kicked back to the game menu. if their master server is down, noone who purchased the game can play it."
I certainly understand your very valid concerns about the clever means by which software &content creators will imposes draconian DRM protocols
But I am also confident that the Clever geeks &"techies" on the user side will devise way to circumvent theses measures and enterprising alternative providers will step in and offer "Off line" alternative apps.
We who choose to live partially "off the grid" and only go online for our personal convenience, will have choices of stand alone programs& apps I believe
Cheers
lmckenzie posted Sun, 11 December 2011 at 10:12 AM
How interesting. Apparently DAZ is playing with what I've been talking about. See 'DAZ Studio Online.'
Now it's obviously just a bare beginning, I assume that's why it's in 'devcenter' - the rendering doesn't seem to work and the content is minimal, I don't even know where if if the plan to do a full service - but it's interesting indeed.
Add the entire DAZ content library, account management, storage, render farm infrastructure etc. and you have something that might be pretty compelling for some people. If you tie it in with the application on your local machine it might be possible to start a scene at home, upload just the description of the content, lighting, poses etc. and then continue working on it from anywhere or vice versa. You would only need to buy DAZ content if you wanted to have a local copy.
One problem I see is non DAZ content. Maybe vendors would allow DAZ to host their content if they got a workable per use fee. Otherwise, maybe some arrangement could be made to upload it in with a key so that only the purchaser could use it. With data deduplication, there would still only need to be one copy of any one item. Many potential issues to work out
"Democracy is a pathetic belief in the collective wisdom of individual ignorance." - H. L. Mencken
Blackhearted posted Sun, 11 December 2011 at 10:24 AM
Quote - "Ubisoft went to a cloud based save system under the guise of 'convenience', and look what we have? Draconian DRM theyre applying across all their releases. you MUST be online and logged into Ubisoft servers in order to play an Ubisoft title. if your internet connection momentarily disconnects, you get kicked back to the game menu. if their master server is down, noone who purchased the game can play it."
I certainly understand your very valid concerns about the clever means by which software &content creators will imposes draconian DRM protocols
But I am also confident that the Clever geeks &"techies" on the user side will devise way to circumvent theses measures and enterprising alternative providers will step in and offer "Off line" alternative apps.We who choose to live partially "off the grid" and only go online for our personal convenience, will have choices of stand alone programs& apps I believe
Cheers
right, the Ubisoft DRM has been cracked...
but what are you suggesting? that we put ourselves in the position where people who will NOT bend over for DRM have no choice but to hunt for cracks to use the content they paid for offline/untethered from the provider?
what if the provider takes the next step and doesnt actually provide an extractable archive of the product to purchasers - as has been suggested in this thread?
like i said if i buy something i want to own it. i want it on my own hard drive, to use however the hell i want, untethered from the provider. 'renting' something from a cloud has zero appeal for me - even if i did have unlimited bandwidth.
our internet rights and freedoms have been slowly eroding away under the guise of 'convenience' and 'safety' over the past decade. personally id rather give up a little 'convenience' and retain full control.
wolf359 posted Sun, 11 December 2011 at 10:52 AM
"right, the Ubisoft DRM has been cracked...
but what are you suggesting? that we put ourselves in the position where people who will NOT bend over for DRM have no choice but to hunt for cracks to use the content they paid for offline/untethered from the provider?"
No I suggest that you NOT buy from those online only,DRM obsessed providers in the first place.
and as MORE& MORE providers go that online only route
( likely in the near future)
A natural void will be created and filled by enterprising programmers who will offer "stand alone"
alternatives to these cloud based applications& content.
and it rarely takes long.
My new kindle Fire tablet from Amazon already has a "jail break" available to let those who desaire install & run other android based OS's services. and its only been out a month.
I Doubt there will ever be a DMR scheme that was either
unbreakable
or where similar stand alone content is not available elsewhere.
We will always have options IMHO unless people are so Wedded to a particular provider( poser/DAZ) that they are willing to be imprisoned by whatever DMR scheme they might impose.
bagginsbill posted Sun, 11 December 2011 at 11:12 AM
You guys talk about cloud and DRM as if they are one and the same. This thread isn't about DRM, any more than a car talk about engine performance would require a discussion of vehicular homicide. Wow - so paranoid.
Personally, I would like it if when I want a Poser package, it comes as a zip file behind the scenes and it automatically unpacks it in the local runtime of my choosing, and also puts it (the zip) in my cloud-based backup area, so when I eventually have to replace this computer, it all magically reappears. I would also like a one-click button that means "that freebie I just downloaded is crap and I want to remove it and all its stinking pieces automatically."
Nowhere in that scenario is there any DRM, nowhere do I have to be connected in order to use my content, and nowhere am I "renting" anything that can be pulled out from under me.
Renderosity forum reply notifications are wonky. If I read a follow-up in a thread, but I don't myself reply, then notifications no longer happen AT ALL on that thread. So if I seem to be ignoring a question, that's why. (Updated September 23, 2019)
wolf359 posted Sun, 11 December 2011 at 11:44 AM
"You guys talk about cloud and DRM as if they are one and the same. This thread isn't about DRM"
I am pretty sure we all understand the difference
it seems that some see the could as just another way to rigidly enforce DRM.
I see the value of Cloud based STORAGE of previously purchased Mobile apps& content ( Apple & Android) Devices etc.
For professional production Software ( C4D ,MAX, Maya, Houdini etc.) its not really practical for various technical reasons.
For poser/DAZ content.. I truly dont care what the new distribution model eventually becomes and I am not a "gamer" so I dont care about them either.
Cheers
mrsparky posted Sun, 11 December 2011 at 11:45 AM
so paranoid.
Nope. Unhappy uncustomers who don't want to totally tied to the cloud and whatever whims companies apply.
Blackhearted posted Sun, 11 December 2011 at 11:52 AM
"Nowhere in that scenario is there any DRM, nowhere do I have to be connected in order to use my content, and nowhere am I "renting" anything that can be pulled out from under me."
YET - but it sets up the perfect platform for its delivery.
"My new kindle Fire tablet from Amazon already has a "jail break" available to let those who desaire install & run other android based OS's services. and its only been out a month."
how is that a viable solution? running 3rd party hacks, voiding warranties, losing functionality just to retain freedom that should have been there in the first place.
you guys have some trusting, utopian views of developers. at least one of the major poser content providers has a long history of clever profiteering schemes behind them - you think they wouldnt jump on an opportunity to implement DRM if you literally hand them the platform on a platter for the sake of a little 'convenience'?
btw the .zip containers i suggested in this thread would solve the ease of installation/backup/removal/organizing with no loss of end user rights/control. why are we still even 'unzipping' products in the first place? with modern processors they can be unzipped on the fly as needed without a noticeable hit to performance.
also i do not want Daz, SM, Rosity, RDNA, or anyone having any more control over my local computer. .exes are invasive enough already.
lmckenzie posted Sun, 11 December 2011 at 12:17 PM
I'm as paranoid (or wise) as anyone about retaining control. I doubt that I would buy into a service that didn't provide the option to purchase and download unencumbered copies of content as we do today. Having the option to use or 'rent' a copy for online use would have to be just that, another option. I'm pretty sure that most mid to high level 3D will remain tied to the desktop for a long time. OTOH, mobile computing is obviously the future. I don't see the utility of rendering on the console screen of your Ford Escape, but I can imagine there are scenarios for every thing from the military to architechts to who knows might benefit from some kind of service based solution though. As for DRM etc., I'm less worried about the companies who have to meet customer demands doing it on their own. I'm more worried about them paying their stooges in DC to mandate it.
"Democracy is a pathetic belief in the collective wisdom of individual ignorance." - H. L. Mencken
wolf359 posted Sun, 11 December 2011 at 12:23 PM
"how is that a viable solution? running 3rd party hacks, voiding warranties, losing functionality just to retain freedom that should have been there in the first place."
Hi you Miss my point
I used that example simply to illustrate that alternatives will always exist for people really need them ...most dont TBH
"you guys have some trusting, utopian views of developers."
No but I live in reality.
We "buy" and "own" Vehicles that costs way more than some Digital Slutwear for V-chick
but never think twice about the fact that we can not even diagnose a minor engine problem without Attaching the cars "Computer" to a manufacture Approved Diagnostic Station and using manufacturer Approved replacement parts .
What is the alternative?? Drive a really old Car and maintain it yourself with after market parts. not a "desirable "solution but thats the reality
as we all know,You dont actually "own" most of the software you use but instead have purchased a license to use it under whatever conditions have been set by the publishers EULA.
but unlike Car manufacturing it is relatively easy for a companies & individuals to write alternative apps& content that are not cloud based.
but if your creative life is so completely dependent on what is fed to you from DAZ or SM or even Ubisoft then I guess you may have a concern about them moving to a cloud based Distribution system.
Fortunately for me my professional creative/ entertainment world is little more diverse.
Cheers
wolf359 posted Sun, 11 December 2011 at 12:26 PM
"I'm pretty sure that most mid to high level 3D will remain tied to the desktop for a long time. OTOH, mobile computing is obviously the future. I don't see the utility of rendering on the console screen of your Ford Escape, but I can imagine there are scenarios for every thing from the military to architechts to who knows might benefit from some kind of service based solution though."
**
**
This ^
Blackhearted posted Sun, 11 December 2011 at 12:32 PM
Quote - No but I live in reality.
We "buy" and "own" Vehicles that costs way more than some Digital Slutwear for V-chick
but never think twice about the fact that we can not even diagnose a minor engine problem without Attaching the cars "Computer" to a manufacture Approved Diagnostic Station and using manufacturer Approved replacement parts .
What is the alternative?? Drive a really old Car and maintain it yourself with after market parts. not a "desirable "solution but thats the reality
as for hooking vehicles up to the computer: valid point. just bringing it in to a dealer and having them hook it up for a diagnostic can cost upwards of $100.
but you can also order an OBD-II bluetooth adapter on ebay for ~$20 and diagnose it yourself. they even have android/iphone diagnostic apps for them.
a more accurate example would be what if instead of your vehicle's onboard computer, it just had a receiver - that required wireless connection to GM in order for your vehicles fuel, emissions control, odometer, transmission, navigation, etc to function? the 'benefit' of this would be if you stepped from one GM vehicle into another, it would automatically adjust your seat and mirrors for you according to your 'user profile'.
F that. give me a non-computerized car with a standard transmission, thank you.
wolf359 posted Sun, 11 December 2011 at 12:46 PM
"as for hooking vehicles up to the computer: valid point. just bringing it in to a dealer and having them hook it up for a diagnostic can cost upwards of $100.
but you can also order an OBD-II bluetooth adapter on ebay for ~$20 and diagnose it yourself. they even have android/iphone diagnostic apps for them."
I have seen such self diagnostic devices advertised.
They might help you in contesting some padded diagnosis of some unscrupulous repair shop
But alas in My old home state of virginia, they will NOT help you pass the State MANDATED annual carbon Emissions tests that must be conducted with their State Approved systems.
I am not even sure about the rules up here in New York as I have
Abandoned car ownership/Driving altogether.
Cheers
Blackhearted posted Sun, 11 December 2011 at 12:53 PM
^they are useful for when your check engine light pops on. some cars have it automatically come on at predetermined mileage milestones (40k, 50k). in that case it takes you 2 min to reset it instead of paying your dealership to hook it to their computer than then 'discover' a bunch of issues that need fixing.
other times the problem could be minor, and you can fix it yourself: my last three 'check engine lights' were an oxygen sensor, camshaft position sensor, and the brake indicator switch. i fixed all three in my driveway for under $25 (new parts from ebay). diagnosis is free, and sometimes its a part you can change yourself.
other times some sensor glitch may throw a one-time error code, and your check engine light will be on (and you wont see other problems) until it gets reset. if someones tech savvy, has a laptop and a car made after 1996, they owe it to themselves to get an ODB-II cable so theyre not totally at the mercy of their dealer/mechanic :)
