Kahunapule Michael P. Johnson
Wed Apr 21 05:43:26 MST 2004
-----BEGIN PGP SIGNED MESSAGE-----
At 13:56 21-04-04, Michael A. Peters wrote:
>On Tue, 2004-04-20 at 19:37, Kahunapule Michael P. Johnson wrote:
>> OK, so I generate a new gpg key pair just for that purpose, get the
>> license string, then post both for my hacker buddies?
>If your hacker buddies are interested in sword modules, Good Work! ;)
These are the same guys who steal Gideon Bibles from hotel rooms. :-)
>There is no drm that won't eventually be cracked.
True. It is a matter of economics. If you make it cheaper and less of
a hassle to be honest, most people will be honest. If you make it only
a little more expensive to be honest, honest people won't be as
tempted to become dishonest.
>Right now - the only way honest people can use such bible texts in
>is if they create them themselves, and I think this does hinder the
>widespread adoption of the project.
It does, perhaps. Another option would be to create a mechanism for
linking a non-free program with Sword such that they scroll together.
I know of one set of programs used by Bible translators here that do
that-- a Bible translation editor, and a program that displays
commercial Bible texts and commentaries. I'm not sure exactly how the
messages are passed, but it works.
>Some mechanism to allow copy protected modules not only would allow
>students to use NASB and NRSV - but it could potentially also open up
>sword to additional commentaries etc. that currently are not
>It would be great to be able to read Daniel side by side with the
>Baldwin commentary on it.
I agree. My favorite Bible translation (the World English Bible) is
available in Sword, but I still like to cross-compare with the NASB,
>It is extremely trivial (at least on *nix) to write a gui that
>a PGP key. I could do it in AppleScript in probably 15 minutes
>don't currently run OS X on anything). Maybe half a day in Linux
>because I would need to look up pygtk syntax.
Yes, but what would that gain you? Why not just generate a random
number (r) and use that plus the user name (n) to generate a personal
key (p) that allows sword to generate the correct module key (m).
Buyer gives Sword n, and Sword generates r.
Buyer gives n and r to seller, along with payment for a module.
Seller verifies payment, then computes p = f(r, n, m) and gives that
Buyer gives Sword p, and sword computes m=g(p, r, n), then decrypts
the module to RAM and allows its use. The module is left encrypted on
disk, but p, r, and n are stored with it so that it can automatically
access the data later.
If buyer gives the module plus p, r, and n to someone else, he also
gives them his fingerprints. If he hacks the source code and computes
m, and bypasses the code to use that to either create an unencrypted
module or to always encrypt directly with the module key instead of
going through the motions of computing m from p, r, and n, then the
system is broken. In proprietary copyrighted code that is issued in
object form, only, this method is only slightly lame, in that it takes
a little reverse engineering and debugging to hack. In an open source
project, this method is totally lame, because the user has the
complete commented source code, plus legal permission to change it.
>I think the real purpose would be prevention of accidental copyright
>infringement - those who want to infringe will infringe, if not with
>sword - then with whatever other Bible packages that already exist.
Indeed. I would hope that infringement would be minimal with Bible
texts, anyway, considering the target audience (jokes above
notwithstanding). However, publishers may see things differently. John
C. Dvorak said it well when he found the real formula for computing
losses to piracy:
Piracy losses = wished-for sales - actual sales.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (MingW32)
-----END PGP SIGNATURE-----
More information about the sword-devel