| |||||||||||||
Not good enough thenNot good enough thenPosted Dec 13, 2005 7:38 UTC (Tue) by man_ls (subscriber, #15091)In reply to: Here's the DRM support I could get behind by lutchann Parent article: GStreamer to support DRM
It only has to be good enough to defeat the typical college student [...]Then it's no good, since anyone can connect to the internet and download instructions / software written by the non-typical geeky college student who can crack it. You can frighten the guy so he will not make the software public, but then Ed Felten or someone like him will pick the story up, host the software and defend the case in courts. And since code is a manner of speech, and free speech must be guaranteed by the US constitution, he will win. Or a similar story in Europe. In the end it's hard to ban free speech. Software-only DRM is pretty dumb, though, if that's what you were referring to.DVDs were a combination of hardware + software, and they failed. Since software is infinitely flexible, it can simulate any hardware.
(Log in to post comments)
Not good enough then Posted Dec 13, 2005 11:03 UTC (Tue) by job (guest, #670) [Link] DVDs were a combination of hardware + software, and they failed. Since software is infinitely flexible, it can simulate any hardware. You can't simulate reading a disc with a specific gap length, for example. All you need to do to "protect" your content is to make sure other people don't build the same things (eg. putting them in jail, invading their country etc.). In practice you probably use protection bits or encryption keys because they are easier to control with laws. Sure, that's easier to bypass in software, but you can't simulate yourself out of jail.
Quite bad Posted Dec 13, 2005 21:34 UTC (Tue) by man_ls (subscriber, #15091) [Link] You are right. However, these laws are just making it clear that digital restriction measures are too draconian. Putting people in jail because they distribute a prime number which unlocks a DVD you purchased is hard to justify. If only people just cared a little bit more about things around them...
Not good enough then Posted Dec 13, 2005 16:13 UTC (Tue) by lutchann (subscriber, #8872) [Link] anyone can connect to the internet and download instructions / software written by the non-typical geeky college student who can crack it. Assuming a software-only crack is possible, yes. I don't think that's an assumption that will always be valid. DVDs were a combination of hardware + software, and they failed. Since software is infinitely flexible, it can simulate any hardware. CSS was designed, what, 10 years ago? It was implemented in dozens of software-only products and yet it took five years to break? CSA was standardized in 1994 (two years after the AHRA, in which a "copy-disallow" bit was considered state-of-the-art content protection) and it took until 2002 for even the algorithm to be fully understood. All publicly-available attacks still require a source of key material; it can't be brute-forced like CSS. The media companies have learned their lesson, and can also rely on a decade of hardware advances to design more secure protection schemes. I don't know if I would be so smug about their inevitable failure.
Not good enough anyway Posted Dec 13, 2005 21:29 UTC (Tue) by man_ls (subscriber, #15091) [Link] Good point. And yet remember that secrets cannot stay secret for ever, however well you guard them. One leak is enough to break any encryption scheme; and once in the open, you cannot recall all devices and media in the field to change them. Therefore, these restrictions systems are inherently brittle.I think legal threats (as job outlines above) are more credible. And more scary.
Not good enough anyway Posted Dec 15, 2005 7:15 UTC (Thu) by zblaxell (subscriber, #26385) [Link] DRM can require players to phone home (or provide an Internet connection that the GPU in your video card can use to phone home) for firmware updates on a regular basis.
Some of the proposed DRM schemes disable *authors* or *players*, not media. Some of the proposed media types require someone to sign (and therefore approve) every author's or player's key. Playback hardware (which doesn't have an unencrypted native data format, not even on the PCI bus) will refuse to accept the data unless it comes with a valid, unrevoked signature.
The idea is to force everyone trading things on the net to have their keys signed, then have video cards that can receive lists of revoked author keys, and refuse to play anything that came from someone who displeases their DRM masters.
Can't require phoning home Posted Dec 15, 2005 15:37 UTC (Thu) by felixfix (subscriber, #242) [Link] No way can DRM manufacturers require or even expect that all units will phone home regularly. iPod? Car system? Even trying to convince people to plug their home stereo into a phone is problematical. Can you imagine when Joe Sixpack sets up his new stereo, he won't read the manual, he'll plug it in, plug in speakers, put in a CD and hit the play button ... and nothing will happen. He's going to get mad and frustrated when he can't make it play his CD, he's going to take it back or call the 1-800 number, and he's going to really come unglued when they tell him his stereo won't play a CD unless it is connected to the Internet.
Even if only 1% of the Joe Sixpacks demand a refund, the message will come through loud and clear.
Can't require phoning home Posted Dec 15, 2005 17:49 UTC (Thu) by zblaxell (subscriber, #26385) [Link] Don't be so sure. An average iPod is fairly often connected to an Internet-connected PC of some kind, which can act as a conduit for control messages from Apple.
It's not actually necessary to phone home if the device listens to broadcasts from home. Plastic discs (even blank recordable media) can come with embedded directives to the players from the DRM vendors. A DVD holds 9GB of data but many movies are much smaller...each one could contain a million author/player revocation certificates. These can easily reach the home and car stereos. The car stereo can also receive updates via its radio receiver.
Can't require phoning home Posted Dec 22, 2005 18:58 UTC (Thu) by beoba (guest, #16942) [Link] I have difficulty seeing many users going along with "you must plug your ipod into a computer every N days or it will stop playing your music"
Can't require phoning home Posted Dec 23, 2005 21:18 UTC (Fri) by zblaxell (subscriber, #26385) [Link] I think it would be more like "if you want to put more music on your iPod, you must plug your iPod into a computer." At that point it can require Internet connectivity to its DRM masters since the whole point of the exercise is to transfer data from the same DRM masters to the iPod. The user experience might be "sometimes when you put new music onto your iPod, it stops playing some of the old music any more."
Of course if someone writes a free version of the software on the PC that talks to the iPod, there's no way they can fail to notice that for some reason the wire protocol to the iPod involves bouncing blocks of unintelligible bits back and forth to some Internet site that nobody has ever heard of.
On the other hand, if Apple starts embedding iPod DRM directives into standard formats (e.g. MP3) as audio watermarks, then Apple still owns the iPod unless you are a guru of stenography countermeasures.
Of course this doesn't do anything useful if the only data you put into your iPod comes from clean sources (e.g. ripped from standard audio CD's or analog sources by unencumbered DRM-free software) with no network access, but at this point you're maintaining a firewall around the iPod--if you ever stop paying attention or loan your iPod to someone who does, your iPod could escape its confinement and update itself.
|
|||||||||||||