LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Defining DRM

Defining DRM

Posted Oct 17, 2006 19:20 UTC (Tue) by GreyWizard (guest, #1026)
In reply to: DRM is the topic by sepreece
Parent article: Similar in spirit?

The base LWN article, however, is about TC (anti-Tivoization) as much as it is about DRM.

I'm not sure what you mean by this. The LWN article is about the GPLv3 drafts, which would prohibit the use of covered software in systems that implement DRM. By DRM I mean a system which enforces some software behavior regardless of what the owner might want. This seems to be the conventional definition of the term, so "Tivoization" is DRM. Trusted Computing is a technology with which DRM and possibly other things can be implemented. Since the GPLv3 drafts would affect Trusted Computing only when it is used for DRM I still don't see how it can be relevant.

However, the liability w/r/t DRM would be based on contract conditions with whatever service the DRM was protecting.

DRM clearly has advantages for the businesses who control the keys in the same way censorship is an advantage for those implement it. The question is whether a free software license should attack DRM. I don't propose to answer that question but clearly contracts between vendors are not relevant.

The fact that there are other means of jamming cellular networks is completely irrlevant to the question of whether it's a public benefit to avoid malicious modification of cell phones.

On the contrary, the availability of jamming devices demonstrates that cell phone network disruption is not a serious problem in practice.

Consider an analogy. Some programmers create malicious software that attacks exposed internet services. Wouldn't there be a public benefit to regulating compilers and using DRM to embed identifying information in all source code? This way people who do harm could be discovered and punished. Isn't the availability of unauthorized compilers completely irrelevant to the question of whether this would be beneficial?

I'm sure there is an opportunity cost in reduced innovation, though I don't think you can quantify it any better than I.

I'm not asking you to quantify it exactly but to think through the consequences. DRM doesn't seem to accomplish anything for cell phone network robustness that couldn't be done more effectively with proven technology, but it clearly creates problems. Gloves can be used to avoid leaving fingerprints at the scene of a crime, but we don't insist they be registered. Cryptography can be used by criminals for conspiracy, but this is not a strong enough reason to keep it out of the hands of legitimate users. For the same reason, we should not insist on preventing people from changing a cell phone operating system merely because we can imagine disruptive uses.

There clearly is public demand for content that the content owners will make available only under DRM.

There is no shortage of educational and cultural material on the market and the notion that content owners are sitting on an enormous pile of it that they will only release when the playing field is tipped still further in their favor is often presented by certain trade associations but is always unescorted by evidence. We've reached the point of diminishing returns on that strategy. Distributing material under copyright without the consent of the owner is already illegal and successful enforcement happens all the time, often without the need to go to court. Indeed, enforcement is so easy that legitimate uses are often suppressed. Denying people control of their own computers is not going to improve this situation.

(Log in to post comments)

Defining DRM

Posted Oct 18, 2006 22:20 UTC (Wed) by sepreece (subscriber, #19270) [Link]

"By DRM I mean a system which enforces some software behavior regardless of what the owner might want. This seems to be the conventional definition of the term, so "Tivoization" is DRM."

I haven't heard "DRM" used this way other than in this discussion of GPLv3. The conventional use of "DRM" is for content control (management of access rights to content). That was my point (and I'm not the only one who has tried to make that point in both this discussion and in the Busybox discussion that was on the same LWN front page). Locking down software is TC, not DRM.

"clearly contracts between vendors are not relevant"

All I can say is, it's not irrelevant to the companies that make consumer electronics, nor to the people who want to buy content despite the DRM that the content owners require. You are, of course, free to consider that they are irrelevant.

"we should not insist on preventing people from changing a cell phone operating system merely because we can imagine disruptive uses."

Well, we DO choose to ban or control some things with dangerous or disruptive uses. So far, the manufacturers, the carriers, and the FCC are on the side of controlling this one. If you can convince them otherwise, then arguing about the GPL would be unnecessary. Changing the GPL isn't a high-leverage approach to convincing them.

"Denying people control of their own computers is not going to improve this situation."

Generally, they're not being denied control of their computers, even if you buy the argument that a cellphone should be considered a computer. They're being denied the ability to access services with untrusted clients. That seems to me to be within the purview of the service providers, regardless of the ownership of the device.

DRM, DRM, DRM

Posted Oct 19, 2006 3:05 UTC (Thu) by GreyWizard (guest, #1026) [Link]

The conventional use of "DRM" is for content control (management of access rights to content).

And in what way does this statement contradict mine? Tivo clearly employs DRM for content control. That the conventional use is content control does not deny the possibility of other uses. The LWN article seems to agree with me, as it refers to the GPLv3 draft provisions that would affect Tivo as "anti-DRM provisions" several times.

Locking down software is TC, not DRM.

First, Trusted Computing is but one technology for locking down software. See http://en.wikipedia.org/wiki/Trusted_Computing for more details. Second, locking down software can be done under the control of the hardware owner or some other party. Since the GPLv3 has no effect on the former case it should be clear that locking down software in general is not what is at issue. We need some term that expresses only the latter. DRM seems to be that term as far as I can tell (though of course DRM can be implemented less effectively without hardware), but if that usage offends you propose another term that doesn't confuse the issue in this way.

All I can say is, it's not irrelevant to the companies that make consumer electronics, nor to the people who want to buy content despite the DRM that the content owners require. You are, of course, free to consider that they are irrelevant.

Here is the text you were responding to: "The question is whether a free software license should attack DRM. [...]clearly contracts between vendors are not relevant." In what way is it unclear that "relevant" means "relevant to the question" in this case? Replacing the plain meaning of those words with the notion that companies making consumer electronics and the people who buy them are "irrelevant" in general is either an incredible failure of comprehension or outright intellectual dishonesty.

Well, we DO choose to ban or control some things with dangerous or disruptive uses.

Cell phone disruption is generally much less dangerous than guns or drugs, to choose two such things over which there is much disagreement. The preferences of established economic powers and the politicians they patronize does not demonstrate that strict regulation in the specific case of cell phone operating systems would be appropriate or reasonable.

Changing the GPL isn't a high-leverage approach to convincing them.

Some people would dispute this claim and many who wouldn't still find ensuring that their software is not used to implement DRM reason enough. But this is a larger issue than the one raised by this thread, which is merely whether DRM has advantages for society as a whole.

Generally, they're not being denied control of their computers, even if you buy the argument that a cellphone should be considered a computer.

I wrote about "denying people control of their own computers" in response to your claim that there is "public demand for content [...]available only under DRM" which was not specifically about cell phones. That said, while one might plausibly argue that control of a cell phone operating system is unimportant or that cell phones are such special purpose devices that freedom is not useful enough to defend (we'll have to agree to disagree on these points) the ability to replace cell phone operating system software is undeniably a form of control and a modern cell phone is most definitely a computer.

Since you've forced me to revisit this, I wish I had noted in my last message that claiming DRM is good for the public because content owners will only release things the public wants under those circumstances is circular reasoning. Suppose the public wants cultural or educational content owned by an organization that refuses to release it without a human sacrifice. Does this demonstrate that human sacrifice is good for society?

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds