The DRM Scorecard 543
An anonymous reader writes "InfoWeek blogger Alex Wolfe put together a scorecard which makes the obvious but interesting point that, when you list every major DRM technology implemented to "protect" music and video, they've all been cracked. This includes Apple's FairPlay, Microsoft's Windows Media DRM, the old-style Content Scrambling System (CSS) used on early DVDs and the new AACS for high-definition DVDs. And of course there was the Sony Rootkit disaster of 2005. Can anyone think of a DRM technology which hasn't been cracked, and of course this begs the obvious question: Why doesn't the industry just give up and go DRM-free?"
Geeks do- everyone else doesn't. (Score:5, Insightful)
It discourages casual copying, nothing more, but I can't imagine it was intended to do any more. Nobody's that stupid.
Re:Geeks do- everyone else doesn't. (Score:5, Funny)
Re:Geeks do- everyone else doesn't. (Score:5, Insightful)
To do otherwise is naive at best.
Re:Geeks do- everyone else doesn't. (Score:5, Funny)
"You mean you can supply me with uncrackable protection from unauthorized copying?"
"That's right!"
"Wow, and I don't really understand all this stuff, but when it gets cracked later this month I'll keep sending you your checks."
Re:Geeks do- everyone else doesn't. (Score:5, Insightful)
Given that assuming everyone in the entire media industry has the combined intelligence of a bowl of fruit is irrational and unreasonable, malice (although not exactly the "Buwahahaha evil" type of malice) is the most reasonable explanation.
Re:Geeks do- everyone else doesn't. (Score:5, Insightful)
If they determine that the cost of adding DRM (licensing fees, lost sales, etc.) is less than the benefit (more legal purchases in place of casual copying), then they can say that DRM helps them (in the short term). I think that they have believed this to be the case.
Re:Geeks do- everyone else doesn't. (Score:5, Insightful)
Re: (Score:3, Insightful)
Locks are a good way to keep honest people honest, but they should be simple and unobtrusive. The reason why we have key locks on our front doors instead of complicated biometric systems (this may be the wrong audience for this comment) is that they are simple, cheap and less prone to failure. The DRM systems created today are complicated, expensive (especially in hardware cost), unreliable and confusing. A simple restriction against copying marked files in software would do just as well to keep honest user
Keys work locks (Score:5, Insightful)
Locks are a good way to keep honest people honest, but they should be simple and unobtrusive. The reason why we have key locks on our front doors instead of complicated biometric systems (this may be the wrong audience for this comment) is that they are simple, cheap and less prone to failure.
Re:Geeks do- everyone else doesn't. (Score:4, Insightful)
Re:Geeks do- everyone else doesn't. (Score:5, Insightful)
Re:Geeks do- everyone else doesn't. (Score:4, Informative)
Locks in many forms have been around for a very long time http://inventors.about.com/library/inventors/bllo
Re: (Score:3, Informative)
Re:Geeks do- everyone else doesn't. (Score:5, Insightful)
Here's music exec Joe Shmoe. He's fairly intelligent when it comes to business related topics. He has a masters in BA. He doesn't understand jack about all that computer stuff, but that's not his biz. His biz is music.
Then here's Alex. He may or may not have a degree, but he sells Joe the DRM tools for his music. He knows both, commerce and computers.
Joe realized that Alex' DRM tools were cracked. Alex knows that too, and he knows well that the spin of "we make it uncrackable" doesn't hold water. But he also knows how Joe thinks. His selling strategy thus is:
1. Cracking DRM is another burden, which keeps a few more people from copying.
2. Cracking DRM has been made illegal, which keeps another few more from copying.
3. Our DRM solution costs less than the losses due to illegal copying.
Joe understands that. And thus Joe buys.
Re:Geeks do- everyone else doesn't. (Score:5, Insightful)
That's an interesting viewpoint.
Are you also of the opinion that auto industry executives hold the naive view that auto theft-deterrent systems are infallible?
When I first got into the Apple warez scene in the early 80s, I asked somebody older and wiser why, say, they bothered to put copy protection on Wizardry when clever guys like me could easily crack it.
"Because," he pointed out, "if the copy protection prevents just one person from copying it, it's done its job."
And that's why copy protection on CDs and DVDs exists today: to deter casual copying. Much to their disadvantage, most people out there just aren't as technically adept as Slashdot readers.
Can you clarify why you believe that folks who use DRM don't understand this? It requires quite a stretch, but if you think you have solid evidence, I'd like to hear it.
Re:Geeks do- everyone else doesn't. (Score:5, Insightful)
So take this "deter casual copying" crap and smoke it. If the residents of MySpace can work out how to copy and trade DRM'd stuff then anyone can.
Re:Geeks do- everyone else doesn't. (Score:5, Insightful)
The question is not whether people can do it, its a matter of whether they actually will.
To get DRM-less content, they need to:
Each step filters people, and those people pay. Simple as that.
The real question is how long the RIAA will take to realize that there are alternatives to this model.
Re:Geeks do- everyone else doesn't. (Score:5, Insightful)
Re:Geeks do- everyone else doesn't. (Score:4, Insightful)
With you there, I could find the cracks (easily); mostly I don't care to
Not necessarily, a lot of people, like me, simply say "fuck it" entirely and stick to what they already have.
Re: (Score:3, Informative)
Not always. You can buy iTunes credit (in £15 or £25 blocks) in supermarkets in the UK, and they take cash. Not a great deal of use if you just wanted to buy a couple of tracks, mind...
Re:Geeks do- everyone else doesn't. (Score:4, Insightful)
Are you also of the opinion that auto industry executives hold the naive view that auto theft-deterrent systems are infallible?
Re:Geeks do- everyone else doesn't. (Score:4, Insightful)
And that's why copy protection on CDs and DVDs exists today: to deter casual copying. Much to their disadvantage, most people out there just aren't as technically adept as Slashdot readers."
'Cept most are adept enough to just download a copy from someone whose already cracked and transcoded it.
Re: (Score:3, Insightful)
The casual copiers of today visit a p2p-network and download the already-cracked, unprotected files. They don't notice that these files ever had DRM.
Re:Geeks do- everyone else doesn't. (Score:4, Insightful)
Re: (Score:3, Insightful)
>"That's right!"
It's more like the media execs were asking for it, so the IT execs sold it.
I work in one of those huge companies that defined those crackable, ineffective DRM standards.
I'm a security expert in that company. I know the other security experts. There's not one of them that believes the DRM standards can work, because we understand that DRM cannot work from a fundamental point of view. It is an intractabl
Re: (Score:3, Insightful)
I can't tell if they are stupid or evil, but I always thought business men were really smart, learn really fast and have a huge outlook. None of that can be said about music industry executives.
I guess they've been sitting on their asses receiving a shower of money for too long. They can read the writings on the wall, but it's too much for them to handle.
My country has a lot of textile industry. Years ago, the WTO decided to open the textile market to China in 10 years. The industrials had 10 years t
Re:Geeks do- everyone else doesn't. (Score:5, Insightful)
Ummmm, lets think about that:
1) It only takes ONE person to "crack" and copy music, a movie, etc. and make it available to all the average Joes.
2) It only takes ONE person to create a patch or an app and every average Joe can use it.
Where do these newbies come from on here? Sheeez.
Re:Geeks do- everyone else doesn't. (Score:5, Insightful)
The point was that the RIAA/MPAA is taking a dual-pronged approach, as is visibly obvious- they are targeting torrent sites with an offensive barrage of lawsuits to prevent downloading and they are targeting the media with an offensive barrage of DRM to prevent casual copying which is decentralized and untraceable.
Is this approach effective? To some degree, yes, it is. Will it ever be 100% effective? No, it will not.
Re:Geeks do- everyone else doesn't. (Score:5, Interesting)
Re: (Score:3, Insightful)
Re:Geeks do- everyone else doesn't. (Score:5, Interesting)
This is indeed the root of any high-distribution system and is applicable to several domains--piracy, drugs, airborne diseases. It only takes one copy on a viable transmission medium to start the ball rolling.
It's the convenience, stupid (Score:3, Insightful)
"Available" is a relative term.
For your average iPod-buying Joe, it's easier to find a desirable song by buying a CD on the way home or to search and download it from the iTunes Store, than it is to find a reliable and spyware-free Gnutella client, search for the song, eliminate all the junk matches, find one that's good quality, and download it.
I like using the iTunes Store to download singles
Re: (Score:3, Interesting)
A. work overtime so that I can pay someone to do it, or
B. not work overtime and do it myself
I'd choose B. Working on a house is more interesting than sitting at a desk driving Catia all day, and (usually) the frustration level isn't any higher. It may take me longer overall, but I'd be at home with my family instead of at work.
All bank vaults and locks have also been cracked (Score:4, Insightful)
A mechanism that is difficult to crack (whether that is a physical lock or DRM or password) makes it harder for the cracker and reduces the likelihood of someone actually doing the cracking. That removes casual crackers from the equation.
It also makes the cracking act more deliberate and makes it far harder for someone to claim: "That diamond got in my pocket.... I just found it on the sidewalk and thought it had been thrown out." or "Oh that music on my MP2 player... I thought it was free!"
Re:All bank vaults and locks have also been cracke (Score:5, Funny)
Was someone a little strapped for cash?
Re:All bank vaults and locks have also been cracke (Score:5, Insightful)
I'd say that DRM schemes are like having one giant bank vault. Yes, it will eventually get compromised, and once it is, everything inside is trivial to take.
This is called "the Smart Cow problem" (Score:5, Informative)
Re:All bank vaults and locks have also been cracke (Score:5, Insightful)
Fundamentally, you're spot on. It is a hell of a lot worse than bank vault security. You can't have the party it's secured against also the one it decrypts for. It just makes no sense! All DRM is crackable by definition, they know this, they just want to make it as much of a hassle as possible.
Re:All bank vaults and locks have also been cracke (Score:4, Interesting)
We already have copyrights to protect the producers of works. DRM is going too far as it restricts the users rights to use something for their own private use, for which they have legally purchased.
Re:All bank vaults and locks have also been cracke (Score:3, Insightful)
Re: (Score:3, Insightful)
Now, obviously the honor system doesn't work. If DRM vanished tomorrow, most Slashdotters would still keep downloading. It provides something to bitch about more than anything. The fundamental problem is that Slashdot has decided it doesn't like the media industry's business model. It doesn't actually ha
Re: (Score:3, Informative)
I buy my music. I also buy my movies. I don't want so many that I couldn't afford it, and likely I wouldn't buy enough to make the industry survive. A handful of movies or music discs a year isn't really making or breaking it for them.
But I do want to use those items in the way I intend. I want to be able to hear that music in my car, I want to be able to watch those movies on my c
Re:All bank vaults and locks have also been cracke (Score:4, Insightful)
But there is no uncrackable DRM-technology. There can't be. By nessecity the users machine MUST contain all the information needed to decode the media. If it didn't, it couldn't display it. If it can display it, it fundamentally CAN also save it in an unrestricted format.
Yes, it may be more or less tricky to get at the keys. But it'll always be *possible*.
Re:Geeks do- everyone else doesn't. (Score:5, Interesting)
Re: (Score:3, Informative)
Re:Geeks do- everyone else doesn't. (Score:5, Interesting)
Of course not. That's why the MAFIAA and similar parties use the legal system to fill the holes that technology can't. If you can't actually stop everyone from doing it, simply make it illegal, and sue anyone who gets past the initial hurdles.
DRM and IP law, the technological and the legal - the two work in tandem, but I would say that the end goal is perfect control over content. Anything less than perfect control is, after all, simply an unexploited opportunity for profit.
Re: (Score:3, Informative)
Re: (Score:3, Insightful)
Re: (Score:3)
Organized crime if they are worth the title will have a professional duplication process and will charge at least Wal-mart's latest prices, or better yet be involved in a video rental place or something where they can sell/rent videos ad infinitum.
Re: (Score:3, Insightful)
Which is what the MAFIAA continues to say, and I find it a bit insulting. It's basically implying that all honest people would instantly be dishonest, were it not for the wonders of locks or DRM.
Anyway, I disagree. The point of a lock is only sometimes to "keep honest people honest" -- for example, a bathroom door which is normally closed should have a lock, so you know when someone is in there. This is certainly no
The only thing not cracked yet... (Score:5, Insightful)
You mother fuckers are pissing me off (Score:5, Funny)
Re:You mother fuckers are pissing me off (Score:4, Interesting)
They know how evolution works. The most draconian systems they come up with today will be childs play eight years from now. So in reality, for as nasty as they look now, they will be almost pointless 10 yrs from now. (look at CSS...) So what they're doing now really this isn't any worse than CSS was when it was made, relatively speaking. Six years from now we will look at this and yawn, as we feed a spindle of old blue rays into a reader (at 25 seconds each) and download our entire collection to our data cube.
Re: (Score:3, Funny)
Well, you can surrender all of your rights to me, and I'll manage all of them for you.
The only thing really not broken... yet (Score:5, Funny)
Is Blueray. That's going to last another decade.
Re: (Score:3, Funny)
Re: (Score:3, Informative)
DRM isn't supposed to be foolproof (Score:5, Insightful)
The same effect has been observed in software for years, Windows XP had an activation thing built in, anyone who knew what they were doing would bypass it, anyone who didn't (and didn't know anyone who did) would eventually go and buy superfluous copies of software they already owned.
Bad arguments and bad reasoning (Score:5, Insightful)
"When you list every major law implemented to "protect" life and property, they've all been broken. Can anyone think of a law which hasn't been broken, and of course this begs the obvious question: Why doesn't society just give up and go law-free?"
DRM doesn't have to be perfect to do its job, anymore than law enforcement has to be "perfect". It just has to be effective enough to keep Joe Average from copying the file. Whether or not DRM is actually "good" or "bad" for media producers is a completely different argument, but Wolfe's sophomoric reasoning does nothing to address it.
Re: (Score:3, Insightful)
Re: (Score:3, Funny)
We do not want to see these folks roaming the streets on drugs. A few times a year someone does something utterly boneheaded and gives their friend drugs. Then finds out their friend falls into the above category and get to watch while they (a) destroy their life with drug-seeking behavior, (b) do unbelievable stuff like burning down their house, running over little old
Re:Bad arguments and bad reasoning (Score:5, Funny)
I don't like them Putting Words in people's mouths (Score:3, Funny)
DRM is doing it's job (Score:5, Informative)
DRM works under the same concept as locking your car. IF someone really wants in, they will get in. But it certainly cuts down on the casual person who will take an easy opportunity, but doesn't care enough to put in the effort to get around the measures you put in place.
Cable HDTV DRM (Score:5, Interesting)
Re:Cable HDTV DRM (Score:4, Informative)
Why DRM? (Score:4, Insightful)
There's a well known saying "Locks secure you against honest people" (or words to that effect).
The hard-core/organized/professional criminals have the skills, technology and motivation to bypass these "security measures".
Remember people, locks aren't about making you secure, they're about making you FEEL secure.
s/locks/airport security screening procedures/
s/locks/the department of homeland security/ (well, that and political empire-building and creating a police-state by stealth)
Smokey The Bear Says: Only YOU can prevent the violation of your civil rights "in the interest of National Security".
Re: (Score:3, Insightful)
So you never lock your car, or your house, or anything you own?
DIVX (Score:3, Interesting)
I don't rember ever seeing DIVX [wikipedia.org] ever being cracked. The fact that it failed in the market and you could get the exact same content off of a non-DIVX DVD aside, I don't know of a crack for it.
But everything that has been in use for a little while or on successful product? Yeah, it's cracked. The article doesn't even begin to mention all the software protection schemes that are no longer effective.
We have everything we need... almost (Score:3, Interesting)
Plausible deniability
Analogue hole
What we miss is a file sharing program that makes use of a TOR like network and stores the files in a plausibly deniable container by default (i.e no need to be a computer geek) so that everyone can use it. Such a program would essentially be a tactical nuke against the record label's business model. Some time ago I may have considered promoting this immoral, but after I had a night ruined by region codes ( my girlfriend* at the time had bought me a present while visiting the states ) I sort of want to see this bullshit fail as much as possible. Unfortunately I don't know shit about designing a decent network so I can't write the stuff myself, but if things continue the way they do it is only a question of time before somebody does it.
*Yes yes, I know I'm not supposed to have had a girlfriend and post to slashdot... If it helps maintain the stereotype I could disclose that I'm nocturnal, skinny and still living with my mother...
Re: (Score:3, Interesting)
Wow, once again showing some truth to the meme that all technology is better in Japan. Winny [wikipedia.org] (and its successors Share [wikipedia.org] and Perfect Dark [wikipedia.org]) appear to be far more advanced than any p2p popular in the US, although Wikipedia points out that they assume high speed connections which are most common in Japan.
What I find really interesting about those programs though is that they are all closed-source Windows programs. Is Windows really that overwhelmingly pervasive in Japan? Or is it just too difficult to write a c
Certainly there are some things which come to mind (Score:4, Informative)
or some of the Synchrosoft dongles. Logic Pro 7 is not really something that has been cracked yet either, to my (admitedly limited) knowledge.
From what I recall reading, when H2O did manage to [k] Nuendo, it took them so long that I think they said
they were not going to bother doing it more, as the process was just too annoyingly time-consuming.
Theoretically, these systems could probably be made to protect anything which is a software-based application. Not sure if this qualifies as DRM, rather than just some 'copy-protection'
technique but certainly it has helped ensure that many small developers of quality audio plug-ins survive because their creations cannot be cracked.
Z.
A Long-Standing Illusion (Score:5, Insightful)
There's only one copy protection system I know of that hasn't been (meaningfully) cracked, and that's MediaCipher, created by Motorola for the cable TV crowd. Ironically, it was one of the first ones ever created. (Of course, it helps that the boxes implementing MediaCipher are only rented -- never sold -- to end-users.)
Copy protection next showed up in a major way for computer games, most notably for the Apple ][ computer. This fetish briefly spread into applications software as well as games, until the users thundered, "No Fscking Way." It took about four to six years for this to shake out.
Despite the fact that there is no conclusive evidence that copy protection has any meaningful impact on sales, anti-copying measures are still used extensively, but by no means universally, throughout the games industry. In particular, Unreal Tournament's initial anti-copying measures are little more than perfunctory, and are later dropped entirely.
Near as I can determine, copy protection advocates claim as axiomatic that unsanctioned copying will depress sales to livlihood-threatening levels. They cleave to this axiom with a fervor usually associated with religious fundamentalists. However, every time this axiom is honestly examined, mitigating or even entirely contradictory evidence is discovered. Yet the myth persists.
It's not the technology we need to combat (since Turing proved it can never work). It's the defective thinking.
Schwab
Apple iTunes Video (Score:4, Informative)
So ya can't yet burn that episode of "Lost" you bought on iTunes to a DVD.
Re: (Score:3, Insightful)
FairPlay on videos not cracked (Score:3, Interesting)
It's been what, 2+ years since Apple started selling videos and still no crack?
You know (Score:5, Funny)
it really doesn't beg that question. (Score:3, Interesting)
The industry isn't trying to make uncrackable DRM. They're trying to make DRM that's just annoying enough so that the majority of users don't go to the trouble. Expert users will always crack whatever they put out. That wouldn't be a problem except for the ease of distribution BitTorrent affords and other P2P services afford. The same principle applies w/ the RIAA lawsuits. They're not trying to sue everyone who pirates music. They're just trying to get enough publicity so that people start thinking, "Gee, if I download that song then there's a chance, however remote, that the RIAA is going to sue me. Even if the law is on my side and I win, that would be a colossal hassle. Maybe I'll just buy it instead."
Re: (Score:3, Interesting)
They're trying to make DRM that's just annoying enough so that the majority of users don't go to the trouble of buying the product legitimately in the first place. There, fixed it for you. This is a fine line these benighted fools must walk, as they are engaged in marketing a product that is inferior to and which can be more easily and cheaply obtained from illegitimate sources.
Uncracked DRM (Score:3, Insightful)
My idea of a cracked DRM is one that allows you to use the product exactly is if the DRM was not included. I think starforce which is used for gaming was never fully cracked. At least not the latest version. I remember seeing a crack for a game (I forgot its name, go figure) which used starforce that required you to physically unplug your dvd drive from the motherboard in order to work... Starforce was such a violent protection that even the game companies themselves decided to ditch it. It would do havoc to your machine and I even heard several cases were a DVD drive was rendered useless because of it.
As someone has already mentioned, no DRM is uncrackable but some of them require a lot of work. The DRM's of popular products will always be cracked because of the demand but there are many people who use niche products that are usually not worth the effort for the skilled crackers. These will just have to take the pill and suffer quietly.
To read my post (Score:5, Funny)
DRM and honesty (Score:3, Insightful)
The purpose of DRM is to force honest people to repurchase music every time the format changes.
Once you understand that, the obsession with DRM makes more sense.
The Answer: Greed Makes You Stupid (Score:5, Interesting)
The entire entertainment industry is so consumed with greed that they are no longer able to think clearly. The failure of DRM is so painfully obvious, but the MPAA, RIAA, BSA, etc. are so blinded by greed that they can't see it. To them, the failure of DRM is proof that they need bigger badder DRM along with bigger badder laws to punish people. This is what greed does to you.
The secret to success is simple: make a good product and sell it at a fair price. But when you are bkinded by greed and convinced that you're losing billions of dollars to "piracy", you think that the secret to success is to control your precious "intellectual property" with the most draconian iron-fisted methods possible.
Preventing competition (Score:3, Interesting)
First: Why is the weak system worth spending 10,000 gates for? The answer doesn't lie in platitudes about speedbumps or raising the bar -- any technical bumps or bars will be obliterated when the master secrets are published.
So temporary piracy prevention doesn't seem like a good explanation.
A much more plausible answer is that HDCP encryption exists only as a hook on which to hang lawsuits. For example, if somebody makes unlicensed displays or format converters, copyright owners could try to sue them under the DMCA for circumventing the encryption."
Because if there's anything a tech mogul hates worse than his own customers, it's his competition.
DRM in a Nutshell: [r30.net]
An encryption system is a way to deliver information securely, even through the hands of the thieves.
A DRM system is a way to cut out the middleman, and deliver information securely into the hands of thieves directly.
See the problem?
Confusing the thief for the customer is why DRM can never work.
Confusing the customer for the thief is why DRM can never sell.
It has nothing to do with content protection (Score:5, Insightful)
http://www.theinquirer.net/?article=29161 [theinquirer.net]
-Charlie
The sony umd movie recording format (Score:3, Funny)
DRM is here to stay! (Score:3, Insightful)
Frist off, digital piracy isn't that different from brick-and-mortar piracy -- sellers will always try to find ways to prevent theft, and those who want to pirate stuff will always find ways to circumvent the checks. This is human nature and the it'll probably never change.
Second, while we (rightly) think that the RIAA could save itself a lot of effort by revamping its model, that argument doesn't scale to other media. For example, movies. Movies are expensive to make, and don't sell in the same volumes as songs. The RIAA might easily solve its problems by moving to an AllOfMp3-like model, and pricing structure. But the MPAA won't be able to do the same -- charging 10 cents a movie will mean that they need to sell about 150 times the volume to make similar profits. Charging even $4 a movie will be enough incentive for people to go back to bittorrent. So clearly, its a never-ending tug of war, and while we think the RIAA/MPAA should in good faith adjust it's pricing model etc. the MPAA (at least) can't rely on the same good faith from its customers.
But of course, the RIAA and MPAA are not blameless. And neither are Apple and MS and anyone else creating DRM schemes for multimedia formats (in fact, perhaps the Apple and MS folk are more guily than the RIAA/MPAA. Thier real sin is, they are trying to exploit a side-effect of DRM by not openly licensing thier DRM schemes and not making them interoperable/platform-agnostic. They have seen the side-effect of locking in customers by not licensing thier DRM schemes and by using proprietary formats, and they're frothing at the mouth with the possibilities of locking in customers, and getting duplicate revenues from those that do defect.
At one point, I was actually willing to give MS some props for trying to rally the industry around a single DRM scheme (PlaysForSure) and keeping the API for it open. The lack of PlaysForSure on Macs and Linux is a big problem, and using WMA is a bigger problem, but the real sin was when they came out with yet another DRM system for the Zune. (Unless their PlaysForSure contracts made it a necessity by stipulating that MS will never come out with a PlaysForSure device or something like that - I wonder).
And Apples fault is in how they choose to license FairPlay. They seem to have some arbitrary 'coolness factor' that needs to be met before they license FairPlay (which they do license out). For example, it's clear that the Xbox ppl have given iPod integration a lot of importance, and they must surely have approached Apple to license Fairplay so that even protected songs could be streamed to the 360 from a PC/Mac or iPod. The fact that this doesn't work today can only be because Apple did not license FairPlay. A terrible sin, for what would have been a very cool and easy to use feature. They did not think about the benefit to their users first -- they thought about lock-in instead.
This is really what's wrong with DRM today. Companies are having a field day with trying to lock in consumers, and not giving any thought to enabling them to use thier property in as many fair ways as possible. The focus is completely on lock-in, and disabling, rather than enabling, and maintianing an audit trail without hindering.
The solution might come from the market, in time. But for that people need to be very vigilant about shunning DRM schemes until these companies learn thier lesson and start inter-oprating with each other. That doesn't look like its happening anytime soon -- what with iTunes downloads crossing the 3 billion mark the other day. Consumers only have themselves to blame if they endorse DRM in this manner.
The solution might come faster through litigation. Either through class action lawsuits (iTunes customers who want to migrate so a non-apple mp3 player, who get pissed because thier collections are now worthless), or Congress (ve
uncracked DRM (Score:3, Interesting)
I propose Xbox 360 DRM.
Essentially un-hacked after all this time. Interestingly enough it's been possible to run warez for long time but ONLY if it's right region and no modification whatsoever is possible (cheats etc)
However, homebrew software, cross-region mods, or any modification to the games: Big Ix-Nay.
Yes, if you go to extreme lenghts and took the necessary steps long time ago it's possible to change the region code of the console. The kernel vulnerability was patched and there's no way to un-patch unless you exploited the vulnerable kernel to obtain one of the encryption keys. Or in other words, if this is news for you, forget about it.
Casual Copying / Fair Use (Score:3, Insightful)
Nor does it try to prevent the street sellers, who mostly buy their stuff from the above, mass duplicate and sell cheaply.
What it's intended for, is to screw more money out of the average consumer.
When i was a kid, my parents would buy me music on vinyl records, and record them to audio cassette for me to play, because being a kid i would invariably ruin the media at some point. When that happened, they would make me another copy. Similarly, they would make copies to play in the car (tapes often got damaged if they were left on the dashboard in hot sunny weather, and i doubt there are many cars which can play vinyl).
DRM will stop these law abiding citizens from making their own personal-use copies, and force them to buy multiple copies of their media, and there are even more reasons to format-shift now:
CDs - to play in the car
CDs - for kids to destroy
Digital files - to play on a media center
Digital files - for an ipod or cellphone
Ofcourse, those who pirate media will continue to do so, and will be better off than those who don't. Eventually more of those people will choose to pirate media instead so that they gain the benefits of drm-free media.
Re: (Score:3, Funny)
In the eyes of the DMCA, the best DRM is ROT26.
Re:DirecTV (Score:4, Interesting)
Re: (Score:3)
This could not be done in a timely enough manner (i.e. in real time) to make it worthwhile, though, which is why no one does it.
Sure they do. Grab a DirecTiVo unit off of eBay, hack it [mastersav.com] and you can download recorded shows in a DRM-free format. You'll still have to pay DirecTV to access the video in the first place, but as you rightly point out that really isn't DRM.
DRM is about letting you have the content while preventing you from doing anything with it. DirecTV is a pretty good example that even though they can prevent you from getting the content, they can't control what you do with it once you have it.
Re: (Score:3, Informative)
Re:HDMI (Score:5, Informative)
"Cryptanalysis researchers demonstrated fatal flaws in HDCP for the first time in 2001, prior to its adoption in any commercial product. Scott Crosby of Carnegie Mellon University authored a paper with Ian Goldberg, Robert Johnson, Dawn Song, and David Wagner called "A Cryptanalysis of the High-bandwidth Digital Content Protection System". This paper was presented at ACM-CCS8 DRM Workshop on November 5, 2001.[1]
The authors conclude:
"HDCP's linear key exchange is a fundamental weakness. We can:
* Eavesdrop on any data
* Clone any device with only their public key
* Avoid any blacklist on devices
* Create new device keyvectors.
* In aggregate, we can usurp the authority completely."
It must be noticed, however, that for this attack you first have to break Blom's scheme (the linear algebra based key exchange system). In the case of HDCP you need a minimum of 39 device keys in order to reconstruct the secret symmetrical master matrix that has been used to compute all device keys.
Around the same time that Scott Crosby and co-authors were writing this paper, noted cryptographer Niels Ferguson independently claimed to have broken the HDCP scheme, but he did not publish his research, citing legal concerns arising from the controversial Digital Millennium Copyright Act [1].
The most well-known attack on HDCP is the conspiracy attack, where a number of devices are compromised and the information gathered is used to reproduce the private key of the central authority.
The Alice and Bob analogy (Score:5, Insightful)
In cryptography, we have an explanation using Alice and Bob [wikipedia.org]. Alice is communicating with Bob, while Eve (eavesdropper) tries to decrypt the message. Alice and Bob have the key to decipher the message, but Eve doesn't. She wants to decrypt the communication *without* the key.
A --- E --- B
Alice in this case, is the Digital Media producer (or encrypter), and B is your DVD. You're Eve. The problem with DRM is that Eve *HAS* the key. By cracking the DVD software (some disassembly, debugging and you're done), Eve can obtain the key from Bob.
A --------- B E
This is the problem with DRM. It's flawed by design. The DMCA is a legal "patch" to this algorithm, punishing Eve if she gets the key from Bob. The problem with DMCA is that the punishment doesn't apply to all countries, and trying to enforce it results in attacking freedom of speech.
perhaps it was too subtle. (Score:3, Interesting)
Re: (Score:3, Interesting)
Send everybody who pays for a TV license a card with an ID and password.
Person must first log into the web site with their ID and password, and then they can stream the programs using some sort of open CODEC or even Flash.
The solves 98% of the problem. And it's one of those good enough solutions that lawyers and bureaucrats will turn down because they're not thinking rationally. They're looking fo
Re: (Score:3, Informative)
DRM is unnecessary - they can simply restrict access by IP address to UK residents. This would put the "protection" on par with their DVB streams (which they are actively pushing to be unencrypted), which are geographically restricted to (more or less) the UK. Just because you are delivering content
Re:Locks are for Honest People (Score:4, Funny)
George Orwell just called and said he owns the IP to "newspeak", and he's giving you permission to do the right thing and stop stealing it.
Re:security != technology (Score:4, Interesting)
I've been in the computer security biz for a long while now. You'd be amazed how many suits think of security as a product to buy, to install and then never think of it again. When you tell them that it should be audited and reviewed every now an then at least (personally my suggestion is every month or at least every two months), they look at me bewildered and reply with something akin to "but we just bought the security you mentioned. What gives, is it not secure?" (implying "Are you selling snakeoil?")
You have no idea how hard it is to get it past an exec's skull that security is an ongoing process and evolving, not something static that you set in stone for now and forever.