Open-Source DRM Ready To Take On Big Guns 520
Barence writes "An open-source digital rights management (DRM) scheme says it's ready to supplant Apple and Microsoft as the world's leading copy protection solution. Marlin, which is backed by companies such as Sony and Samsung, has just announced a new partner program that aims to drive the DRM system into more consumer devices. 'It works in a way that doesn't hold consumers hostage,' Talal Shamoon told PC Pro. 'It allows you to protect and share content in the home, in a way that people own the content, not the devices.' When asked about the biggest problem of DRM — that customers hate it — he argued that 'the biggest problem with DRM is people have implemented it badly. Make DRM invisible and people will use it.'"
How can it be both effective and invisible? (Score:5, Informative)
I don't get it... If DRM works, it restricts what you do. If it restricts what you do, it's not inivisible. How is this implementation different from any other DRM?
Invisibile (Score:2, Informative)
While I'm sure it's a load of BS, I don't think many people will hate "perfect DRM" any better than what we've got now. They'll just stop complaining about how it annoys them as legitimate license owners and start complaining that stuff costs too much. Because the people that are complaining are usually pirates.
Re:How can it be both effective and invisible? (Score:5, Informative)
I visited their website. It appears to be based on the tried-and-true "license" model where you must buy a license in order to use a program... or in this case, play a song. The obvious flaw is that is the server goes down, no more license.
And of course licensing is typically an annual payment plan. I don't want to "rent" my purchased songs year-after-year-after-year.
http://www.marlin-community.com/technology/how_marlin_works [marlin-community.com]
Re:How it's theoretically different (Score:5, Informative)
No it works on licensing. You can copy the song as many times as you want, including over the internet with friends, but you can't use the song until you obtain a license.
I hate licensing. It's too much like renting. I want to OWN the device, program, song, whatever; not rent it.
Re:How it's theoretically different (Score:5, Informative)
You're saying then that I can't loan a copy of a book I own to a friend or family member because it's copyright infringement. That's utter and complete bullshit.
No, he's saying that can't make a complete copy of a book you own and give it to a friend or family member because it's copyright infringement. And he's right. The difference between loaning a book and "loaning" an MP3 is that once you'd "loaned" your buddy a song, he has complete access to it whenever he wants. More importantly, he has complete parallel access to it with you. Only one instance of the song was paid for, yet two people are able to enjoy its use at any time, perhaps simultaneously.
If I have physical media that I legally purchased, I should be able to loan that media out to whoever the hell I want to, and it's nobody's damned business.
Agreed. If you have an iPod with songs on it that you purchased, you should absolutely be allowed to lend someone that physical media -- that is, the iPod -- and let them use it as long as they want. And you can. You cannot, however, just send them the songs off your iPod, for reasons stated above.
Re:How can it be both effective and invisible? (Score:4, Informative)
Not "open source" (Score:4, Informative)
The article linked here is the only place on the web that makes the peculiar, and false, claim that Marlin is "open source". Marlin's own creators make no such claim; they only claim that it operates on "open standards", which is quite a different can of worms.
No story here, just one careless reporter and one careless ./ submitter.
Form Letter (Score:2, Informative)
I don't have the answer to your question, but you bring up a good point. Perhaps it is time to start a new form letter.
I'll get the ball rolling:
Your system advocates a
(X) technical ( ) legislative (X) market-based ( ) vigilante
approach to fighting copyright violations.
Your idea will not work.
Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws.)
(X) It will stop copyright violation for two weeks before it gets hacked
( ) Users of media will not put up with it
(X) Microsoft will not put up with it
(X) Consumers will have to buy new versions of all their gadgets
(X) Requires too much cooperation from device vendors
( ) Requires immediate total cooperation from everybody at once
( ) Many device vendors cannot afford to lose business or alienate potential employers
Specifically, your plan fails to account for
(X) Laws expressly prohibiting it
( ) Lack of centrally controlling authority for media
(X) Asshats
( ) Not every device has a permanent connection to the internet
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
(X) Susceptibility of DRM protocols to attack
(X) Eternal arms race involved in all DRM approaches
( ) Extreme profitability of copyright violation
( ) Identity theft
( ) Technically illiterate politicians
(X) Extreme stupidity of consumers
(X) Dishonesty on the part of copyright violators themselves
(X) The Internet
and the following philosophical objections may also apply:
(X) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
(X) The customer is always right
( ) We should be able to share our own media all we want
( ) Countermeasures should not involve sabotage of private computers
(X) Countermeasures must work if phased in gradually
(X) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) I don't want the government listening over my shoulder
Furthermore, this is what I think about you:
(X) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!
Breaking the law? Them's fighting words, part'ner (Score:4, Informative)
1. Now I'm against piracy, but claiming something as broad as "invisible to people who aren't breaking the law" is BS.
For example, from what I understand, you only need to try playing t on a device which isn't "Marlin-enabled", for it to become very visible right there. I fail to see what counts as "breaking the law" if I merely take my bought song and try to play it on my old car stereo. Care to explain?
2. How _do_ you enforce a DRM without locking access to certain parts of the "pipeline"? E.g., if I can use open-source sound drivers, what's to keep me from writing an un-DRM-ed .WAV to disk of their music? E.g., if I can play it in a self-compiled music player, what's to keep me from writing the decrypted stream from the player instead of playing it? Etc.
That's why MS's "trusted computing" insists on authorizing and authenticating every single bit of your computing, starting from the CPU. And you can't have a signed program that you can change, recompile and have it still stay signed.
So basically they _have_ to restrict what drivers, software, etc, you use, or they can't guarantee enforcing that DRM. And as soon as you, say, went the OSS route and recompiled anything, again, it _has_ to become very visible. Because as soon as the binary has changed at all, you no longer know whether it now has a backdoor which extracts the binary stream.
_But_, and here's the important part, the binary changes even if you didn't do anything devious there. If I, say, decide to play with these stupid drivers and make them able to play multiple streams like under windows (Gnome and KDE do come with daemons that do that mixing, but natively it isn't available) it necessarily produces a different executable.
So, again, care to explain what's illegal or "breaking the law" if I decide to tweak my sound drivers on this here Linux machine? I mean, FFS, even MS's FUD at its darkest hour stayed clear of claiming that doing any OSS work is criminal.
4. I thought that it was up to the courts to decide if a law has been broken? Just a thought. Deciding a priori that anyone running into trouble with a particular piece of retarded software is a criminal, is rich. The whole fundament of the western justice is based on such ideas as establishing exactly what happened, the degree of evil intent ("mens rea"), hearing the other side's half of the story too, etc. It seems to me that deciding a priori that, basically, anyone doing things differently than you imagined is automatically a criminal, goes against pretty much everything that justice stands for.
Re:How can it be both effective and invisible? (Score:3, Informative)
Re:How can it be both effective and invisible? (Score:5, Informative)
Re:How can it be both effective and invisible? (Score:5, Informative)
Line patch cords work... but it takes only a couple of minutes on google to find the answer...
http://forum.dbpoweramp.com/showthread.php?t=11045 [dbpoweramp.com]
dbpoweramp is an awesome program. by using that setup I can convert an entire book in a few minutes instead of taking the hours the book is long.
Honestly, did you even try to search? I typed in audible to mp3 and it was link #5
Even easier... (Score:5, Informative)
Set your recording device to be "wav" or "what I hear" or something similar in your soundcard's mixer's "recording" view. Grab Audacity, hit record, then hit play on *insert_audio_source_here* No signal loss from using the physical outputs.
Re:How can it be both effective and invisible? (Score:4, Informative)
>>>Line-out, line-in, patch cord. What's so difficult?
If Microsoft or the DRM disables recording the Line In at the same time as audio playback, then this technique would not work.
Re:Even easier... (Score:3, Informative)
You can use VLC in a similar manner to play-and-record "troublesome" DVD's.
Keeping everything in the digital domain cuts out any interference from the digital/analogue conversion stage.
Re:Even easier... (Score:5, Informative)
Set your recording device to be "wav" or "what I hear" or something similar in your soundcard's mixer's "recording" view.
Secure Audio Path (Windows XP) or Protected User Mode Audio (Windows Vista) is mixed into the output after the "what you hear" patch point. But line-out to line-in works just as well, and the quality loss is negligible for a typical overcompressed [wikipedia.org] pop song.
Don't make this assumption (Score:3, Informative)
Assuming that you'll be able to rip whatever DRM they use is dangerous. With hardware that cooperates to undermine you, PKI could easily be used to encrypt data in ways that are unbreakable through software -- by ANYONE. All it takes is a chip that publishes its public key for the media source, and re-encypts data directly to digital monitors (IE, an LCD monitor, and speakers) which also publish their public keys. Short of breaking your OWN chip apart to see it's unique key, you're screwed. Moreover, it could well be unbreakable, if those chips used one-time pads.
Battling DRM and other abuses of power is a lot like the anecdote about battling the nazis: if they come for others and you don't speak up, there will be no one left to speak up when they get to you. Or, in other words, don't be complacent on the grounds that you'll survive. If you let the technology gain a foothold, you'll be up the creek too, just like everyone else.
Re:How can it be both effective and invisible? (Score:2, Informative)
Re:How can it be both effective and invisible? (Score:2, Informative)
I'd love to see them try disabling the line-in when it's on a separate computer from the line-out.
Re:How can it be both effective and invisible? (Score:2, Informative)
That would make it more obnoxious but it wouldn't fundamentally change anything. You could use two computers, or maybe even just use two VMs running on a single host. If your VM system was clever and simulated the hardware well enough, the virtualized OSes might not be able to tell they're not running on actual metal, and then you could hijack the audio stream and do whatever you wanted with it.
Sure, it's probably complex for a casual user, but remember: casual users don't need to do any cracking themselves. It just takes one reasonably-competent user somewhere to do the actual cracking, and then they can distribute the unprotected file. The more onerous the DRM, the more attractive the unprotected file will be compared to the legit product.
And of course, as the content producers become more enraged at the piracy, they'll turn the DRM screws and make it more obnoxious, devaluing their own product compared to the pirated one. Barring them getting a clue, it's like quicksand: the more they struggle, the faster they sink.
Re:Don't make this assumption (Score:2, Informative)
Hey, Godwin's law.
Also, a factual correction:
A one-time pad is not a method of public-key cryptography. Also, using a one-time pad would set up a limited lifetime for the chip, as it would have to stop executing when it finished the pad. There is no possible secure way to extend the life of a pad.