Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Apple's App Store Comes Under the Spotlight for How It Handles Fake Crypto Apps

RalfTheDog said:
The difference between a digital signature and a timestamp is the timestamp. It's not just that you had the document. It's that you had the document at a specific time.
Click to expand...

I don't know what you mean by "you had the document", but if you mean "you've last modified it at x": yeah, a digital signature automatically does that. It tells you, in a forgery-proof way, what person modified a document and when. If someone tries to manipulate the document, the signature gets broken.

If you mean "who has last opened it": you're describing a DRM. Also been a thing for two decades.
 
sideshowuniqueuser said:
Sheesh, you'd think macOS is a big disaster the way you talk about it.
Click to expand...

First, macOS doesn't have even a tenth the mindshare iOS does. Even those who have a Mac don't use it in such broad scenarios. Lots of privacy and security measures don't really matter as much on a device you'll primarily use at a desk and maybe on the couch as they do on a device you'll be carrying around in your pocket and frequently using in public.

And second, that we got by without certain technology doesn't mean that the technology is unnecessary. We've been without electricity for millennia. Like it or not, the measures that have intensified in releases like macOS Catalina do help people avoid getting attacked.

2001's Mac OS X was still stuck in a 1970s' Unix mindset of security where you have a root user and various admin and non-admin users, which is nice because it helps protect the OS, but it doesn't really protect your personal data at all. No need for root (or even admin) permissions to steal or delete all your documents. Instead, we've evolved facets such as sandboxing and TCC, where even within a user, applications can do a lot less damage (whether malicious or inadvertent). They need to ask before using your mic. Even once you've confirmed it, macOS permanently warns you that you're currently being recorded. They need to ask for your location. For your contacts. For access to the documents directory. And so forth.

With Mac OS X 10.0, it would have been trivial to write an app IAmVeryTrustworthyPinkySwear that pretends to be a funny screen saver but actually uploads all your documents to Random Villain, then (to bring this back to crypto) encrypts them locally and asks for a money transfer via Bitcoin. "At least the OS isn't corrupted because they didn't have my root password!" isn't much comfort. How do I know this could easily happen? Because such ransomware is a thing and does happen all the time — and in modern macOS (and other OSes), Apple and others keep tightening the screws to prevent it.
 
chucker23n1 said:
I don't know what you mean by "you had the document", but if you mean "you've last modified it at x": yeah, a digital signature automatically does that. It tells you, in a forgery-proof way, what person modified a document and when. If someone tries to manipulate the document, the signature gets broken.

If you mean "who has last opened it": you're describing a DRM. Also been a thing for two decades.
Click to expand...
It showed that you had the document in your possession at a specific time. You can use this to prove, you had a copy of the document before someone else had a copy of that document. Lets say, you send a copy of a screenplay to a studio. Six months later, that studio starts production on your script under a different author's name. If you can show that you had the script months before they did, it makes things much easier to prove in court.

Take the document, encrypt it using your public key, then sign it using your private key. After that, time stamp it, so you can prove you had it first. If you do this with your working copy each day, dating back to your first draft, you win without having to go to court. Even the nastiest Hollywood lawyers will just ask what you want and give it to you. "Please Sir, might we give you another?"
 
  • Disagree
  • Haha
Reactions: ponzicoinbro and LegacyDroid
RalfTheDog said:
It showed that you had the document in your possession at a specific time. You can use this to prove, you had a copy of the document before someone else had a copy of that document.
Click to expand...

Like I said, you’re describing a DRM. You don’t need a blockchain for that.

RalfTheDog said:
Let’s say, you send a copy of a screenplay to a studio. Six months later, that studio starts production on your script under a different author's name. If you can show that you had the script months before they did, it makes things much easier to prove in court.
Click to expand...

If you sent a copy of that screenplay, why wouldn’t discovery simply look at the studio’s e-mail inbox?

 
chucker23n1 said:
Like I said, you’re describing a DRM. You don’t need a blockchain for that.



If you sent a copy of that screenplay, why wouldn’t discovery simply look at the studio’s e-mail inbox?
Click to expand...
First off, DRM is worthless. Depending on your relationship with the studio, you either turn in a printed copy of the script or you turn in a file created by the most recent version of Final Draft. Paper copies do not have DRM. Final Draft does not have DRM. Discovery is effectively worthless for something like this. If they are going to pirate a script worth a few million dollars, they will have no problem saying, "We never got it." The one and only way to protect yourself is to prove you had a copy before they did. You can send a copy to your lawyer. Their lawyer will just say that your lawyer is lying. If you can document that you had the file on this date at that time, it never so much as goes to court. The studio will pay X3 damages without a trial, just to avoid the bad publicity.

Can you show me another way to incontrovertibly demonstrate that you had possession of a file at a specific time? In the end, that is the only legal question. Who can show, they had it first. Every other thing is meaningless.
 
  • Haha
Reactions: ponzicoinbro
RalfTheDog said:
It showed that you had the document in your possession at a specific time. You can use this to prove, you had a copy of the document before someone else had a copy of that document. Lets say, you send a copy of a screenplay to a studio. Six months later, that studio starts production on your script under a different author's name. If you can show that you had the script months before they did, it makes things much easier to prove in court.
Click to expand...

Hahahahaha 🤣

That is typically bad example made by crypto bros. They have no understanding of any industry so they just invent example use case that has no use case.

You cannot send a ’screenplay’ to a studio without solicitation. They will not accept anything unless you have an agent and even then they will make you sign a contract that states if they reject your screenplay and later produce something similar you cannot take any legal action.

When you submit the screenplay through an agent the communications are recorded so you already have a dozen time stamped pieces of evidence.

This is also standard evidence in all other forms of legal documentation.

So the blocky blonky blonkchain does nothing useful here except add a pointless cost to a pointless multiplayer spreadsheet that nobody needed in these scenarios.
 
ponzicoinbro said:
Hahahahaha 🤣

That is typically bad example made by crypto bros. They have no understanding of any industry so they just invent example use case that has no use case.

You cannot send a ’screenplay’ to a studio without solicitation. They will not accept anything unless you have an agent and even then they will make you sign a contract that states if they reject your screenplay and later produce something similar you cannot take any legal action.

When you submit the screenplay through an agent the communications are recorded so you already have a dozen time stamped pieces of evidence.

This is also standard evidence in all other forms of legal documentation.

So the blocky blonky blonkchain does nothing useful here except add a pointless cost to a pointless multiplayer spreadsheet that nobody needed in these scenarios.
Click to expand...

10 Companies Accepting Unsolicited Scripts That Will Give You A Chance – Freshmen Screen Play

freshmenscreenplay.com freshmenscreenplay.com
 
  • Disagree
Reactions: ponzicoinbro
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back