The DRM Scorecard 543
An anonymous reader writes "InfoWeek blogger Alex Wolfe put together a scorecard which makes the obvious but interesting point that, when you list every major DRM technology implemented to "protect" music and video, they've all been cracked. This includes Apple's FairPlay, Microsoft's Windows Media DRM, the old-style Content Scrambling System (CSS) used on early DVDs and the new AACS for high-definition DVDs. And of course there was the Sony Rootkit disaster of 2005. Can anyone think of a DRM technology which hasn't been cracked, and of course this begs the obvious question: Why doesn't the industry just give up and go DRM-free?"
Cracking DRM needs to be easier to use (Score:2, Interesting)
we (geeks) can do it because we are prepared to go through the many steps to remove the DRM
the average joe needs a (free) really easy (integrated) app that strips the DRM, no command line stuff or blind them with options
and (in|un)stallers hell i bet they dont even know what DRM is other than the dialog in their player saying "sorry you dont have a license"
just a simple
no need for finding keys or running multiple apps to crack it just a press button and joe can play his file again
the easier it is to do something the more people will do it
Re:You mother fuckers are pissing me off (Score:4, Interesting)
They know how evolution works. The most draconian systems they come up with today will be childs play eight years from now. So in reality, for as nasty as they look now, they will be almost pointless 10 yrs from now. (look at CSS...) So what they're doing now really this isn't any worse than CSS was when it was made, relatively speaking. Six years from now we will look at this and yawn, as we feed a spindle of old blue rays into a reader (at 25 seconds each) and download our entire collection to our data cube.
Cable HDTV DRM (Score:5, Interesting)
Re:Geeks do- everyone else doesn't. (Score:5, Interesting)
DIVX (Score:3, Interesting)
I don't rember ever seeing DIVX [wikipedia.org] ever being cracked. The fact that it failed in the market and you could get the exact same content off of a non-DIVX DVD aside, I don't know of a crack for it.
But everything that has been in use for a little while or on successful product? Yeah, it's cracked. The article doesn't even begin to mention all the software protection schemes that are no longer effective.
We have everything we need... almost (Score:3, Interesting)
Plausible deniability
Analogue hole
What we miss is a file sharing program that makes use of a TOR like network and stores the files in a plausibly deniable container by default (i.e no need to be a computer geek) so that everyone can use it. Such a program would essentially be a tactical nuke against the record label's business model. Some time ago I may have considered promoting this immoral, but after I had a night ruined by region codes ( my girlfriend* at the time had bought me a present while visiting the states ) I sort of want to see this bullshit fail as much as possible. Unfortunately I don't know shit about designing a decent network so I can't write the stuff myself, but if things continue the way they do it is only a question of time before somebody does it.
*Yes yes, I know I'm not supposed to have had a girlfriend and post to slashdot... If it helps maintain the stereotype I could disclose that I'm nocturnal, skinny and still living with my mother...
Re:Geeks do- everyone else doesn't. (Score:5, Interesting)
Of course not. That's why the MAFIAA and similar parties use the legal system to fill the holes that technology can't. If you can't actually stop everyone from doing it, simply make it illegal, and sue anyone who gets past the initial hurdles.
DRM and IP law, the technological and the legal - the two work in tandem, but I would say that the end goal is perfect control over content. Anything less than perfect control is, after all, simply an unexploited opportunity for profit.
The psychological answer (Score:1, Interesting)
It's impossible for them to trust consumers not to rip them off if given unencumbered music - never mind that they've been doing so with every previous media up to an including the still ubiquitous CD without the ever-predicted imminent collapse of the commercial entertainment industry. I suppose the reason behind the reason is that since, as an industry, they live largely by appropriating the value of the work of others, they naturally expect everyone else in the world to behave likewise towards them.
Pathetic, no?
Re:Bad arguments and bad reasoning (Score:1, Interesting)
FairPlay on videos not cracked (Score:3, Interesting)
It's been what, 2+ years since Apple started selling videos and still no crack?
Re:DirecTV (Score:4, Interesting)
The BBC and Licensing? (Score:2, Interesting)
As one of the few British channels to make their content available online they have fine line to cross. The commerical channels funded by advertising offer a week or so's worth of TV to download for free with popular shows having a minimal fee (£0.99 to rent or £1.99 to purchase). This is all well and good, but the BBC cannot operate under this model. Either they release their content for free or don't release it at all to the British public.
There are few paths the BBC can take. At the moment for their online streaming media they use Geo-Targeting and attempt to restrict access to the UK public (although this can result in false negatives/positives) but provide the content itself for free. If they make it available to all for free they are breaking several points of their Royal Charter. They can either show the British public the shows for free and without advertising or broadcast it to foreigners with either a charge or adverts, but they cannot show it to the UK audience with adverts or a charge. This is where the problem lies.
The BBC's iPlayer has recently come under fire for being Windows only and DRM-riddled, but what can they do? They can either implement some form of UK-based DRM or not attempt to show programmes online at all. The BBC often doesn't own the content the broadcast in full and therefore aren't able to make their content available without caveats, and many of the companies they produce media in conjunction with require this. Coupled with their charter they are stuck with no online media at all or some form of DRM inbetween. I'd prefer the DRM version then to wait for some form of non-DRM equivalent to be implemented!
Re:Geeks do- everyone else doesn't. (Score:5, Interesting)
This is indeed the root of any high-distribution system and is applicable to several domains--piracy, drugs, airborne diseases. It only takes one copy on a viable transmission medium to start the ball rolling.
it really doesn't beg that question. (Score:3, Interesting)
The industry isn't trying to make uncrackable DRM. They're trying to make DRM that's just annoying enough so that the majority of users don't go to the trouble. Expert users will always crack whatever they put out. That wouldn't be a problem except for the ease of distribution BitTorrent affords and other P2P services afford. The same principle applies w/ the RIAA lawsuits. They're not trying to sue everyone who pirates music. They're just trying to get enough publicity so that people start thinking, "Gee, if I download that song then there's a chance, however remote, that the RIAA is going to sue me. Even if the law is on my side and I win, that would be a colossal hassle. Maybe I'll just buy it instead."
Re:Geeks do- everyone else doesn't. (Score:5, Interesting)
The Answer: Greed Makes You Stupid (Score:5, Interesting)
The entire entertainment industry is so consumed with greed that they are no longer able to think clearly. The failure of DRM is so painfully obvious, but the MPAA, RIAA, BSA, etc. are so blinded by greed that they can't see it. To them, the failure of DRM is proof that they need bigger badder DRM along with bigger badder laws to punish people. This is what greed does to you.
The secret to success is simple: make a good product and sell it at a fair price. But when you are bkinded by greed and convinced that you're losing billions of dollars to "piracy", you think that the secret to success is to control your precious "intellectual property" with the most draconian iron-fisted methods possible.
Preventing competition (Score:3, Interesting)
First: Why is the weak system worth spending 10,000 gates for? The answer doesn't lie in platitudes about speedbumps or raising the bar -- any technical bumps or bars will be obliterated when the master secrets are published.
So temporary piracy prevention doesn't seem like a good explanation.
A much more plausible answer is that HDCP encryption exists only as a hook on which to hang lawsuits. For example, if somebody makes unlicensed displays or format converters, copyright owners could try to sue them under the DMCA for circumventing the encryption."
Because if there's anything a tech mogul hates worse than his own customers, it's his competition.
DRM in a Nutshell: [r30.net]
An encryption system is a way to deliver information securely, even through the hands of the thieves.
A DRM system is a way to cut out the middleman, and deliver information securely into the hands of thieves directly.
See the problem?
Confusing the thief for the customer is why DRM can never work.
Confusing the customer for the thief is why DRM can never sell.
Re:All bank vaults and locks have also been cracke (Score:4, Interesting)
We already have copyrights to protect the producers of works. DRM is going too far as it restricts the users rights to use something for their own private use, for which they have legally purchased.
doesn't (Score:2, Interesting)
Re:The BBC and Licensing? (Score:3, Interesting)
Send everybody who pays for a TV license a card with an ID and password.
Person must first log into the web site with their ID and password, and then they can stream the programs using some sort of open CODEC or even Flash.
The solves 98% of the problem. And it's one of those good enough solutions that lawyers and bureaucrats will turn down because they're not thinking rationally. They're looking for a 100% protection solution that can never exist. They're only making it harder for their customers, and it makes no difference to "protecting" the content.
Re:it really doesn't beg that question. (Score:3, Interesting)
They're trying to make DRM that's just annoying enough so that the majority of users don't go to the trouble of buying the product legitimately in the first place. There, fixed it for you. This is a fine line these benighted fools must walk, as they are engaged in marketing a product that is inferior to and which can be more easily and cheaply obtained from illegitimate sources.
perhaps it was too subtle. (Score:3, Interesting)
Re:Geeks do- everyone else doesn't. (Score:1, Interesting)
Now after a year of playing it every few months, I realized this was a great purchase. If they had put copy protection on the game, I probably would have just passed it over. I took a chance and I was rewarded. I have purchased quite a few games that turned out to be horrible. Purchasing this one based partly on its choice to not use copy protection felt like just buying another game, except that it turned out to be a wonderful game.
Re:We have everything we need... almost (Score:3, Interesting)
Wow, once again showing some truth to the meme that all technology is better in Japan. Winny [wikipedia.org] (and its successors Share [wikipedia.org] and Perfect Dark [wikipedia.org]) appear to be far more advanced than any p2p popular in the US, although Wikipedia points out that they assume high speed connections which are most common in Japan.
What I find really interesting about those programs though is that they are all closed-source Windows programs. Is Windows really that overwhelmingly pervasive in Japan? Or is it just too difficult to write a cross-platform app which looks pretty and has good Japanese language / Unicode support? And why would a p2p app be closed source? That seems very strange to me.
Re:DRM technology which hasn't been cracked (also) (Score:1, Interesting)
For example: Steinberg Wavelab 6 & Cubase 4, Apple Logic Pro, and several other audio apps are incorporating dongles... one of the Arturia soft-synths has it too and remains uncracked.
Now there once was a crew called H2O which cracked the Cubase v3 dongle and it sounds like that was a serious bitch and a really tough nut for them to crack. So IMO these dongle based protections may in fact be raising the bar for copy protection. Not that they are uncrackable, but it sounds like the amount of time/effort/brains required is now prohibitively expensive. And thus several of these applications remained un-cracked. Nobody has been willing or able to successfully pull it off.
From the descriptions of Blu-Ray's protection, it sounds like if a movie/disk is cracked, that crack will only work on that one movie/disk. I think we may be moving into a new era where cracking is so challenging that nobody wants to go through the effort/trouble due to the level of difficulty and complexity.
I guess it remains to be seen. I don't think I ever would buy a dongled application. And I'm generally willing to trail the bleeding edge now. I'll accept lesser quality, or older stuff, for the sake of cheapness, either getting stuff used/discounted, or downloading, etc...
If these big corps can force the majority into paying if they want to use the product, then I'm almost cheering them on. It may bring people to demand more fair changes in the laws back into consumer/masses favor. Or it could spawn more development in the areas of creative commons and linux. Maybe that's part of why people have been so lazy and uninterested in copyright and patent laws. If stuff is so easy to copy up until now, who cares? They get it anyways for free and buy a little bit here and there...
uncracked DRM (Score:3, Interesting)
I propose Xbox 360 DRM.
Essentially un-hacked after all this time. Interestingly enough it's been possible to run warez for long time but ONLY if it's right region and no modification whatsoever is possible (cheats etc)
However, homebrew software, cross-region mods, or any modification to the games: Big Ix-Nay.
Yes, if you go to extreme lenghts and took the necessary steps long time ago it's possible to change the region code of the console. The kernel vulnerability was patched and there's no way to un-patch unless you exploited the vulnerable kernel to obtain one of the encryption keys. Or in other words, if this is news for you, forget about it.
Re:security != technology (Score:4, Interesting)
I've been in the computer security biz for a long while now. You'd be amazed how many suits think of security as a product to buy, to install and then never think of it again. When you tell them that it should be audited and reviewed every now an then at least (personally my suggestion is every month or at least every two months), they look at me bewildered and reply with something akin to "but we just bought the security you mentioned. What gives, is it not secure?" (implying "Are you selling snakeoil?")
You have no idea how hard it is to get it past an exec's skull that security is an ongoing process and evolving, not something static that you set in stone for now and forever.
Re:It's the convenience, stupid (Score:3, Interesting)
A. work overtime so that I can pay someone to do it, or
B. not work overtime and do it myself
I'd choose B. Working on a house is more interesting than sitting at a desk driving Catia all day, and (usually) the frustration level isn't any higher. It may take me longer overall, but I'd be at home with my family instead of at work.
Re:Geeks do- everyone else doesn't. (Score:2, Interesting)
Re:Geeks do- everyone else doesn't. (Score:3, Interesting)
The GP was correct, locks keep honest people honest. They do nothing for stopping dishonest people. The same goes for DRM.
Sorry that's not what DRM does.
DRM prevents honest people from using the stuff they buy in ways they are legally entiteled to, pissing them off and turning them into dishonest people
The only reason I have on occasion bought DRM burdened material is because I expect the DRM to be breakable, now or later. I'll be doing something that is legal, but not approved by the copyright holder, when converting that material to any format I choose. If I was interested in uploding material and breaking copyright law I wouldn't bother buying anything in the first place, I'd just download it. Unfortunately the RIAA and MPAA and their sister organisations in other countries are continually pushing stronger DRM to keep their product inferior to what the pirates are offering.