Weekly Edition
Return to the Press pageSponsored link
Vyatta –
Linux & Open Source
Alternative to Cisco –
Advanced Routing,
Firewall, VPN, QoS..
Free Download ->
| |||||||||||
Why DRM won't ever work (ZDNet)Samba hacker Jeremy Allison offers his opinion about DRM: "The other party in the transaction, the consumer of the music or movie, is then given the encrypted data, knowledge of what algorithm is used to encrypt the data, and a copy of the encryption key used to encrypt the data. All of these things must be supplied to the consumer in order for them to be able to use the data; without them, there's no way the consumer can listen to or watch the data they've just bought. Yet DRM is supposed to be able to restrict what the customer can do with the data. How can this be done given the fundamental reality of the situation described above? The magic of dilithium crystals?" (Log in to post comments)
DRM Hardware Posted Jun 6, 2007 9:35 UTC (Wed) by Lobais (guest, #36605) [Link] Sadly it can be done. Using DRM Hardware like the stuff in Vista
DRM Hardware Posted Jun 6, 2007 10:02 UTC (Wed) by nix (subscriber, #2304) [Link] Even with a TPM (which contains an inaccessible per-machine secret), the system has to feed the state to be concealed into the TPM for encryption, and it can be captured then. Also, if some piece of state needs to be decrypted using the TPM on your machine to play back a piece of DRMmed content, then the state can be captured post-decryption, or some other random piece of software can ask the TPM to decrypt it instead.
Fundamentally there is no way to distinguish between `good software' which is allowed to decrypt DRMmed content, and `bad software' which is not. Even digital signing only goes so far. In the end any attempt to determine whether a given piece of software is `bad' or not reduces to determining whether two functions have identical effects, which in the general case is equivalent to solving the halting problem in the general case, which is, of course, impossible.
Forget breaking the laws of physics. These guys will have to break *mathematics* if their pipe-dream is to be true. (Locking down the *entire* system, X-Box like, from BIOS down through OS to `trusted' drivers with code signing *and* encryption, to prevent people figuring out what the drivers are doing, also doesn't work. Rather, it only works as long as every part of that stack is secure and all the keys are all completely secret, even though those keys must be available unencrypted to decrypt all that code.)
DRM Hardware Posted Jun 6, 2007 11:21 UTC (Wed) by allesfresser (subscriber, #216) [Link] The thing is, they don't have to break mathematics or physics or even make it completely secure. All they have to do is make sure the majority of their victims (oops, I mean, consumers) *think* it's secure and unbreakable. They just have to make enough on the unwashed, uncaring masses to compensate for the few that know enough to break the system. Of course, making it illegal to discuss security issues and circumvention would help a lot too. But the key point is they just need to keep people in the dark and caring more about their bling than their freedom.
DRM Hardware Posted Jun 6, 2007 12:49 UTC (Wed) by flewellyn (subscriber, #5047) [Link] It only takes one person to find the keys and distribute them. Then everybody KNOWS it's not unbreakable, and the jig is up.
DRM Hardware Posted Jun 6, 2007 16:13 UTC (Wed) by ajross (subscriber, #4563) [Link] Not as far as I can see. The "few" that break the system then put the decrypted copies up on P2P networks and you have exactly the same situation we do today, just with a slight latency penalty due to the added decryption work.
I'm surprised no one has mentioned the analog hole, either. Capturing audio at the waveform level is trivial, even at very high qualities (that's what a recording studio is, after all). And video isn't terribly far behind.
Allison is absolutely correct. All the technology does is make the computers more complicated and expensive and the media distribution more error prone.
DRM Hardware Posted Jun 7, 2007 8:42 UTC (Thu) by drag (subscriber, #31333) [Link] The 'latency' of new titles of DRM'd movies appearing in DRM-free form on the internet should be around 1 hour to 8 hours, depending if the uploader feels the need to re-encode it.
The fundamental flaw in DRM is that you have to give the end user the key in order to decrypt the movie. There is no way around that.
AACS works by not actually providing the key directly, but by using various other keys to generate the final key. It's security through obscurity. Once the 'real' key is found (the proccessing key, I expect) then any movie of that paticular generation can be had at.
AACS is, in the final judgement, a massive experiment of 'security through obscurity'.
Even if you subjected yourself to Vista, it will still be a failure. The much-touted signed drivers that are required for the 64bit version of Vista can be circumvented, thus thwarting the 'secure media path' feature.
Why/How?
Because Vista's kernel can be compromised by end users in a number of ways. Any of those ways lead to code injection and thus you can force Vista's kernel to think that a driver is signed when it realy isn't.
This would still exist if your using TPM, but it would cut off a few paths for the attack.
And then even then the HDMI/HDCP, the 'secure' way to transmit from the computer to the TV screen, has been compromised for a long time. At one point there was a German company selling devices were you could take any HDMI signal and translate it to other digital formats. It was just a adapter for non-HDMI displays, but it did prove that it was broken. People have been saying it's broken for years now, but they can't step forward because of the DMCA and it's not nessicary for them because DRM hasn't even reached the point yet were the 'secure path' even matters yet.
The whole thing is wacky. It's gone. It's blown up in pretty much every possible way.
DRM Hardware Posted Jun 8, 2007 13:47 UTC (Fri) by im14u2c (subscriber, #5246) [Link] In some forms of DRM, the end user is never really given the key, but rather given a device that has the key hidden in hardware. The key may even be per-device, meaning that if you break one device's key, that gets you the content on that device only.
Granted, that gives you DRM-free access to what's currently on the device. If the process of extracting the key renders the device inoperable, though, you've incurred a high cost on the part of the hacker relative to what you've made available.
(I'm thinking in terms of portable media players with per-player keys encoded in fuses or flash on the embedded processor's die, and per-player customized downloads, encrypted on the server side.)
DRM Hardware Posted Jun 7, 2007 10:53 UTC (Thu) by zlynx (subscriber, #2285) [Link] It's even possible to get the high-def digital video, which is what the studios are so worried about.
At some point the data must go into the physical LCD. It isn't encrypted at that point so grab it there.
DRM Hardware Posted Jun 8, 2007 4:57 UTC (Fri) by gyles (subscriber, #1600) [Link] It is encrypted on the link to the monitor (hence the flags mandating HDCP, even if they're not turned on yet). You need to get inside the display to get to the decrypted data. As it is then raw pixel rate data it would be a challenge to capture, although obviously not impossible.
DRM Hardware Posted Jun 13, 2007 6:52 UTC (Wed) by job (guest, #670) [Link] Of course it's encrypted at that point, for the very reasons you state. The whole point of cryptographic DRM is to have an unbroken chain of encryption from hard disk to monitor.
DRM Hardware Posted Jun 19, 2007 20:15 UTC (Tue) by lakeland (subscriber, #1157) [Link] So, you can't stop a few breaking it and uploading their HaXorRed version (is that the current spelling?) But what permits joe 6-pack to download and play those files (or, more realistically, his kids)? Joe 6-pack is running vista 2010, he logs into a P2P network, finds the latest blockbuster movie and downloads it.
He then tries to play it. Windows looks at the DRM, reads the file is clean and gets ready to play. Then it detects Hollywood watermarking and refuses since Hollywood films must have DRM. Oh, and I very deliberately said windows rather than WMP in the example. Windows programs will all have to play via direct X, and the watermarking/DRM check will happen there.
So, my opionion is you'll always get hackers that break any DRM, at least partially for their own intellectual satisfaction. But rather than stopping them, all Hollywood has to do is prevent ordinary uneducated users from using the results and I think that is a fight Hollywood CAN win.
Why DRM won't ever work (ZDNet) Posted Jun 6, 2007 10:07 UTC (Wed) by jonth (subscriber, #4008) [Link] Oh dear. The author either doesn't know or has oversimplified how public key encryption/protection works. In DRM schemes, what the user is given is a (public) decryption key, not the (private) encryption key.
If the complete system is well designed, there is native hardware support for DRM such that only signed binaries have access to certain hardware functions and (most importantly) the private keys are kept secret, then DRM can be made to work.
This statement above is a big if, of course - and so far I can't think of many examples where this has held. To achieve it, all the software running in the "DRM web of trust" would need to be secure. For example, I think that the xbox's DRM was cracked by finding a buffer overflow in an insecure game. And obviously the HD-DVD crack was down to some idiot (or genius, depending on your PoV) leaking the private keys.
Why DRM won't ever work (ZDNet) Posted Jun 6, 2007 11:07 UTC (Wed) by dadillow (subscriber, #10345) [Link] The author either doesn't know or has oversimplified how public key encryption/protection works. In DRM schemes, what the user is given is a (public) decryption key, not the (private) encryption key.He could have worded it better, but the author is right. You don't use public key encryption for large amounts of data, as it is too slow. You encrypt a key for another algorithm, and use that to decrypt the data. Once you recover that key, the data is wide open to whomever knows the algorithm. Even if the private keys are kept in hardware, a determined attacker will be able to eventually recover them. The task is to make it too expensive and/or take too long for the atack to be worth the result.
Why DRM won't ever work (ZDNet) Posted Jun 7, 2007 18:22 UTC (Thu) by freemars (subscriber, #4235) [Link] The task is to make it too expensive and/or take too long for the atack to be worth the result. The problem for the manufacturers is their idea of 'expensive' is tallied in dollars (Euros, Yen...), but for the geeks who would crack DRM, making the system more expensive (= skill, CPU cycles) to crack also increases the payout (= fame). In these terms it is never too expensive -- to the sufficiently geeky.
Why DRM won't ever work (ZDNet) Posted Jun 6, 2007 11:37 UTC (Wed) by jra@samba.org (guest, #35394) [Link] Of course I oversimplified. I'm trying to get the point across to a very broad audiance (including non-technical people).
Yes I'm fully aware of trusted computing systems and how they interact with software, but this isn't the point I was trying to make in the article.
Trusted computing systems in general are not the same as DRM. I'm not going to go into the specifics for a populist piece like that, but don't assume I don't understand the underlying technology :-).
Jeremy.
Why DRM won't ever work (ZDNet) Posted Jun 6, 2007 13:57 UTC (Wed) by khim (subscriber, #9252) [Link] If the complete system is well designed, there is native hardware support for DRM such that only signed binaries have access to certain hardware functions and (most importantly) the private keys are kept secret, then DRM can be made to work. Not really. You must put all such keys and checks into the CPU. Otherwise it'll be broken the same way PlayStation (1, 2 and 3), XBox (both original and 360) and Nintendo (DS, Gamecube and Wii) were broken: by using cheap FPGA matrix. When signature is checked by TPM module - memory returns 100% legitime signed program, when the check is passed - we can feed cracked version to the CPU. Even if everything is put in the CPU you can wait for buffer overflow in firmware (PSP way). Or you can plug into the CPU itself (not something doable by simple end-user but easily doable by guys who'll need this to sell thousands of pirated copies). Either way it does not work: "You can fool all the people some of the time, and some of the people all the time, but you cannot fool all the people all the time". DRM need the ability to foll all the people all the time... It's possible to make DRM unbreakable, but it's so costly and unfriendly to the end user that such ahrdware will just fail in the marketplace...
Why DRM won't ever work (ZDNet) Posted Jun 7, 2007 5:46 UTC (Thu) by ekj (subscriber, #1524) [Link] You are wrong. public-key encryption helps in this case precisely not at all. The fundamentals of the situation:
But the encryption cares not at all what the user is going to do with it after it's decrypted. Either the user *DO* have all the information needed to decrypt (in which case he can do anything) or he does NOT have all the information needed to decrypt, in which case he cannot see the content at all. The fundamental problem is that the intended recipient and the potential attacker is one and the same person. This cannot work. It is very much comparable to me wanting to send you a letter in such a way that you can *read* the letter, but you *cannot* read the letter aloud. That's very obviously nonsense. If you can, infact, read it, then you can also read it in any damn way you please. Closed hardware, trying to keep the keys and the decrypted content away from the user can *help*, making it *trickier*. But they don't change the fundamental problem at all.
Cory Doctorow's DRM talk at Microsoft Posted Jun 6, 2007 11:15 UTC (Wed) by jabby (guest, #2648) [Link] This immediately brings to mind Cory Doctorow's anti-DRM talk, which is about 3 years old now.
http://www.craphound.com/msftdrm.txt
This is really a priceless document, thoroughly explaining the futility of DRM.
Why DRM won't ever work (ZDNet) Posted Jun 6, 2007 15:56 UTC (Wed) by smitty_one_each (subscriber, #28989) [Link] I dunno. I can see hardware getting cheap enough that you basically buy a trade paperback of, say, The Fellowship of the Ring, that can also play the movie on the cover. Closed system, letting you watch it as often as you like. Maybe there is some sort of support deal, whereby you can upgrade if they come out with a better version or replace it when it wears out.At that point, you either agree with the way they implemented things, or you don't buy it. The chief complaint I have with DRM is that it puts evil at the heart of my hardware, and I'm left to trust some vendor that someone in <bad place> can't subvert the technology. Right.
DRM does work, and it is working. Posted Jun 7, 2007 1:55 UTC (Thu) by myopiate (subscriber, #41091) [Link] DRM in the context of content distribution is not about being a "perfect" system. It's about maximizing the profit window. It does this by putting up obstacles in the way of unauthorized distribution. This increases the time the publisher has a distribution monopoly, thus increasing the amount of profit it can make on the sale of the product. It's end goal is not to be an uncrackable system, but a SHORT TERM way to get maximum returns on an investment.
The only way to stop DRMimg of content is to not WANT the content that it protects. The large movie studios are so good at marketing their movies that lots of people really want to see them. Want is mistaken for "need" and people get upset when something gets in the way of their "need", hence getting upset at DRM.
It may sound like I'm from outer space (sometimes I think I might be) but there are other forms of entertainment and other ways to occupy your time. Try them out.
Now... the application of DRM in the context of free software is a different issue to this. Putting DRM on GPL'd software is stealing public property and their should be laws against it.
DRM does work, and it is working. Posted Jun 8, 2007 16:59 UTC (Fri) by rmstar (guest, #3672) [Link] DRM in the context of content distribution is not about being a "perfect" system.[...]t's end goal is not to be an uncrackable system, but a SHORT TERM way to get maximum returns on an investment. You can crack audio DRM by recording using analog equipment at negligible quality loss. Video DRM has the same problem. No one who wants to crack DRM needs to have a PhD in encryption, just the little bit of will.
Why DRM won't ever work (ZDNet) Posted Jun 13, 2007 6:55 UTC (Wed) by job (guest, #670) [Link] Why does Jeremy Allison write this? I'm sure he's got a better understanding than most of us where the industry is heading with Palladium/NGSCB, and his description here is simplified and silly. So why indeed? To raise awareness about DRM? I'm afraid he's preaching to the already converted here.
Why DRM won't ever work (ZDNet) Posted Jun 18, 2007 12:59 UTC (Mon) by jra@samba.org (guest, #35394) [Link] Yes, I write it to raise awareness about DRM. It's written for non-technical people. If you think it's too simplified and silly, try doing this yourself. The feedback I got from most non-technical readers was that it was helpful and illuminating and illustrated something they hadn't thought of before, so I considered it a success.
Sitting in your smug "I understand technology" world you completely ignore the people who could care less about the details, but are interested in how this will restrict their freedom, and are perfectly willing to help change behaviour once they understand something of the problem.
Jeremy.
|
|||||||||||