Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Programming IT Technology

Report from the ACM DRM Workshop 274

Anonymous Coward writes "There's open skepticism from researchers about the ability of DRM to solve Hollywood's copy protection problems. Read Edward Felten's review here... Papers from the workshop are available online as well."
This discussion has been archived. No new comments can be posted.

Report from the ACM DRM Workshop

Comments Filter:
  • Watermarking (Score:5, Insightful)

    by dolby2 ( 196255 ) on Tuesday November 19, 2002 @04:18PM (#4710101) Homepage Journal
    I just wish they would give it up, its only a matter of time when they come out with some type of copy protection, that someone will come up with a way of defeating it. Meanwhile we (the consumer) suffer because we get things like cd's we can't play in our computer.
    • It's even worse than that. People have been purchasing cd's they can't even play in their car or home stereo.

      Pretty sad.
      • If that's the case, they should return them. Will it ever be possible ignore the constant barrage of subliminal ("sublimnibable"?) and liminal commands to PURCHASE, CONSUME, and WASTE and implement an effective boycott of all things DRM? I mean, we're talking CD's here, not FOOD! Votes, letters, and faxes won't do diddly. This is America folks: money is god. Remember, their money is yours first. Don't give it to them without a fight!
      • People can just rip those CDs to MP3. Most car sterios play CD-Rom's full of MP3s these days.

        Nevermind that this is exactly what the technology is supposed to prevent. It certanly dosn't :P
    • Re:Watermarking (Score:4, Insightful)

      by r0xah ( 625882 ) on Tuesday November 19, 2002 @04:39PM (#4710315)
      It is going to be bad when all music comes with a EULA thrown into the little booklet and the music companies decide that since you listen to the music in an unacceptable manor (ex: saved on your computer, on an unsupported portable device, etc.) that you are void from being able to listen to what you have bought... and the music is expired.
      • Re:Watermarking (Score:5, Informative)

        by Camulus ( 578128 ) on Tuesday November 19, 2002 @04:53PM (#4710437) Journal
        This is a good reason to support Congressman Boucher and the Digital Choice and Freedom Act of 2002. They are trying to actually get fair rights usage on the law books, not just as court case precidents (esp. since the DMCA stripped a lot of our rights away and this takes some back). It is not slated to appear this congressional session. However, it never hurts to start calling your Reps and asking them to sponsor the bill.

        Info on the bill [house.gov]

        /end paranoid sounding political rant
        • Re:Watermarking (Score:3, Informative)

          I would recomend sending a professinaly writen *snail mail* about this bill. I have always found I get personal letters when I do so.

          Make sure you play the "partyline" and "supporting my views" somewhere in your letter. It also doesn't hurt to explain how copyright works (my old congresscriter actually didn't really have a firm grasp if I am to judge by his first reply to a mailing) and why it is important to protect the public domain or abolish copyright.

          Partline arguments:
          R=increased goverment rights given at the expense of the citizens inherent right to copy in an effort to protect a buisness model.
          D=increased corperate control given at the expense of the consumer in an effort to save a failing buisness model.

          It also helps not to use the words "failing buisness model" if you don't have the qualifications to make that statment. Just be honest and clear (at most 4 paragraphs, a strong thesis and a clear closing)
    • Encryption (Score:3, Interesting)

      by s20451 ( 410424 )
      <facetious>
      I wish people would give up on this encryption thing, it's only a matter of time when they come out with some type of code, that someone will come up with a way of defeating it. Meanwhile we suffer because we can't read each other's juicy e-mails.
      </facetious>
    • ...will kill any attempt for DRM. DRM stops being effective at the component output level. But at the point where it has to pass a digital signal, DRM loses. So my computer won't let me access the section of memory with the "movie," fine. I'll just use two computers. One has a "movie" I can't touch, but ultimately I can get my hands on the digital video feed from my vid card and the digital sound feed from my sound card. How hard is it to then have a second computer, with the sound feed going into the "line in" and the digital video feed going into a video capture card? Then just splice the sound and video together. And since the pirating scene depends on really a few groups, soon after release on DVD a big MPEG will go up, DRM or no, in near-DVD quality. So I don't know who they're fooling.
      • I'm sorry, but do you think Microsoft and other big DRM investing companies haven't thought about this? Get real.

        Just one of many links can be found here: http://www6.tomshardware.com/mobile/02q2/020419/ju keboxIII-08.html which explains Creative Labs (a huge Sound Card maker) starting to incorporate DRM into their products.

        Sure, you can use your old sound cards. Until they expire. By that time, all sound cards will have DRM in them. If you find a manufacturer that doesn't put DRM in, it will be illegal. So it goes.

        Trust me, they have thought about a bunch of angles on this. Even all video cards are going to support DRM eventually.

        Though my roommate (the capitalist) begs to differ, proclaiming that in a capitalist society, someone will find a way to sell non-DRM products.. but if nothing else works with them.. how effective will they really be?

        cheers,

        k.
        • by siskbc ( 598067 )
          Yes, they have made it clear that they will go after component manufacturers, but there are a few problems. First, industry standards are non-DRM. For a sound card manufacturer to be Dolby compliant, I don't know how they will accomplish this without crippling hardware. Second, component hardware manufacturers have been a lot less willing than Intel. Assuming that they will ALL go along is questionable - and your link didn't have a firm commitment from Creative.

          I do think that it's a long way from assuming this is dead. I don't think it's at all clear, yet, that they will get output-level protection - though they do want it.
        • Your capitalist friend is out to lunch, because if this were a capitalist society, we wouldn't have laws mandating stupid things like DRM in the first place.
      • by outlier ( 64928 ) on Tuesday November 19, 2002 @06:28PM (#4711142)
        Two problems:

        1. This stops working when all new components have DRM built into them.

        But let's say you save your old equipment and can access the data, then:

        2. Just because *you* may be able to come up with a solution, it doesn't mean that the problem goes away. The fact is, if this allows content providers to hinder the ability of law abiding citizens to exercise their fair use rights, then that's a Bad Thing.

        Think of DRM circumvention as if it were spam blocking. Which would be better, a) you block your incoming spam, or b) there is no more spam. From your perspective, option a is fine, but spammers don't care. As long as option b doesn't happen, they are happy.

        Content providers don't care if a few techies manage to watch their DVDs on Linux boxes or listen to protected music on unapproved devices. If most people are subjected to the imposed constraints, then they're happy. Just because you can avoid the problem doesn't mean the problem isn't there.

        We shouldn't focus solely on avoiding the problems, we should be working on making the problems go away (e.g., supporting legislation that returns our fair use rights).
    • Meanwhile we (the consumer) suffer because we get things like cd's we can't play in our computer.

      They may look like CD's, but they are not. Return it and demand to get your money back. (Or an exchange for a real CD which is of course impossible because the title is not available on CD.)
  • by Anonymous Coward on Tuesday November 19, 2002 @04:20PM (#4710132)
    DRM is threatening now. We don't know what sort of gimmick they're going to come out with to defeat piracy. Once it's out, it'll stop piracy for a short term. At least untill someone whips out a, "sharpie pen exploit."

    The pirates and anyone interested in defeating DRM have one advantage over the RIAA/MPAA - We do it for free. They have development costs. We don't. We contrive functionality not merely due to a desire to pirate, but because it is fun.

    I'm a geek. I get bored.
    • They have learned. Yes, the ability to defeat DRM mechanisms will always exist. However, the cost to defeat those mechanisms will grow with each new iteration.

      Anyone can afford the Sharpie pen required to defeat today's protection scheme. But who will be able to afford the in-circuit emulator or logic analyzer needed to defeat tomorrow's scheme?

    • . At least untill someone whips out a, "sharpie pen exploit."

      You know, they should have arrested that football guy for possessing (and flaunting!) a circumvention device.
  • Yup, pretty much.. (Score:5, Interesting)

    by schon ( 31600 ) on Tuesday November 19, 2002 @04:20PM (#4710139)
    There's open skepticism from researchers about the ability of DRM to solve Hollywood's copy protection problems

    In May I attended a meeting on amending Canada's copyright laws to include DRM protection.. one of the guys there owns a company that does encryption research.. his statement basically said "the application of encryption technology to prevent copying is fundamentally flawed"

    Indeed, someone who makes his living doing what the entertainment industry wants, and he says it can't be done.

    I'm glad that researchers are finally speaking up about this.
    • by bogie ( 31020 )
      "I'm glad that researchers are finally speaking up about this."

      But its already too late for that. DRM is here now and being rolled out. Its also readily apparent that both Microsoft and Big Media have bet the farm on DRM.

      I wouldn't bet on this changing anything, in fact with the current Orwellian government which we just elected, I wouldn't be surprised if such discussions become outlawed.
      • Its also readily apparent that both Microsoft and Big Media have bet the farm on DRM.

        Cool. I guess we're all about to win farms.
      • by Azog ( 20907 ) on Tuesday November 19, 2002 @05:58PM (#4710932) Homepage
        Its also readily apparent that both Microsoft and Big Media have bet the farm on DRM.
        I disagree - two of the papers at the conference were presented by Microsoft Research people. They are quite interesting, one shows how to defeat any currently deployed watermarking scheme, and the other discusses the bigger picture of DRM and watermarking vs. peer to peer networks and other forms of file sharing.

        Both papers are very sceptical of DRM.

        Microsoft may be playing the DRM game for now, but I'm sure it's just a temporary thing... if they convince Hollywood and the record studios that Windows Media Player is the "only secure" format, they will potentially gain a short term advantage over the competition. And in this industry, a short term advantage can be leveraged into a long term industry lead... Profit !

        Yeah, in the long run all the schemes will be broken and Microsoft knows it, but they're happy to play the game for now.
    • Researcher allowed to talk bad about DRM?

      And the DCMA allowed this? What loophole?
    • If DRM worked they wouldn't need laws to protect it. You wouldn't need laws to make it illigal to break the protection because you wouldn't be able to break it.

      Hollywood knows it doesn't work, that's why they need the laws.

      Darwin O'Connor
  • by mini me ( 132455 ) on Tuesday November 19, 2002 @04:21PM (#4710146)
    It worked for this post...

    Bar, Qrpelcg QEZ cebgrpgrq zrqvn
    Gjb, Dhrfgvba Znex, Dhrfgvba Znex, Dhrfgvba Znex
    Guerr, Cebsvg Rkpynzngvba Znex, Rkpynzngvba Znex, Rkpynzngvba Znex
  • I think... (Score:3, Funny)

    by extagboy ( 60672 ) on Tuesday November 19, 2002 @04:23PM (#4710171) Homepage
    they should watermark paper. That way noone could copy it!

    Oh wait...
  • by Prince_Ali ( 614163 ) on Tuesday November 19, 2002 @04:24PM (#4710176) Journal
    If DRM could be implemented without restricting access to memory in my own computer I probably wouldn't mind it so much. The problem is that DRM cannot be implemented without this restriction. Any encrypted file will have to be decrypted, and that means that I can dump memory and get the unencrypted value. DRM will never work without taking away certain things about a computer that make it the extremely useful tool that it is.
    • by Iguanaphobic ( 31670 ) on Tuesday November 19, 2002 @04:36PM (#4710293)
      Any encrypted file will have to be decrypted, and that means that I can dump memory and get the unencrypted value.

      That's only the first step. You can hear and see. It's only a matter of time until you try to tell your friends about what you've seen and heard. I'm afraid that we need to restrict the output from your mouth (tongue removal), restrict the output of your hands (finger removal) and that last bastion of binary communication, your eyelids. (Eeeewww, gross). This will be required to protect our IP from you, you nasty pirate. Now, we want all of this done at birth, so no one will ever have the opportunity to pirate our IP. End of problem.

    • "If DRM could be implemented without restricting access to memory in my own computer I probably wouldn't mind it so much. The problem is that DRM cannot be implemented without this restriction."

      Wrong! DRM could be implemented in hardware in the soundcard. So the music never gets decripted by the CPU.

      Or even the music could be decripted by digital speakers so the only way you'ld have to make a copy is with a microphone. That only until a system like Macrovision [macrovision.com] is made for sound.

      I recommend reading this essay [discover.com]

      • Unlikely, if not an impossible suggestion. To create sound, something allways has to fibrate (even if you use some kind of hypothetical electromagnetic wave to create energy focussed enough to compress and widen the air density in a travceling waveform). To get something to vibrate, you'll need current. No matter what DRM type you use, someone can ALLWAYS tap the wire before it reaches the actual vibrating system; maybe even at the system itself.

        Actually, the same case can be made for monitors: there's allways the termination point of the computing system to the actual display mechanism. Even if somehow the DRM is built into the monitor, there's always that connection point to 'listen in' on.
    • What do you think Palladium is? It makes it impossible to see what is in memory. Read up Palladium... it will scare you more than anything else.
  • by russotto ( 537200 ) on Tuesday November 19, 2002 @04:26PM (#4710199) Journal
    I'd be interested in knowing how many people _didn't_ appear or present papers at this workshop due to the DMCA.
  • by Rational Nerd ( 624214 ) <.j_pursel. .at. .hotmail.com.> on Tuesday November 19, 2002 @04:28PM (#4710219)
    As long as we can get the encoded version (on the disc) and decoded version (out the speaker or monitor) of media (music, movies) then copy protection is doomed.
    • by Sheetrock ( 152993 ) on Tuesday November 19, 2002 @04:47PM (#4710392) Homepage Journal
      While true that companies seek a way to wrap their media in such a way as to make it impossible to copy (the ideal), right now they'll settle for forcing some level of degradation into the copies to add a practical factor preventing the limitless illegal distribution from one source of their content.

      I had the opportunity to engage a luminary in the field in friendly discussion at a September DRM luncheon in Prague. He made it clear that despite the feelings of a vocal minority (us), copy protection will be accepted if not welcomed by the general population. Consumers in both Europe and Japan currently purchase such content with minimal complaint, and it seems even more likely in field testing that America will actually desire the copy protection if they are told it will lead to better sound and picture quality.

      Granted, he was working within the industry, but the devastating piracy figures in a recent poll conducted among computer users made it clear that DRM will save the industry a lot of money. The poll, performed by blind surveying at three recent trade shows across the U.S., showed a staggering amount of pirated content; broken down by operating system of preference (to see what kind of effect DeCSS has had) apparently Windows users 'only' pirate about a quarter of their movie content, against Linux users' 67% and Macintosh 30%.

      In the wake of this information, and the lackluster performance of the music industry in recent years, it is little wonder that they're adopting a 'Chicken Little' approach -- for them, the sky truly is falling. Hopefully, a reasonable compromise between our rights to do with our hardware as we will and the rights of copyright holders to be renumerated for their efforts will be struck; however, I am assured that if one will give, it will be the continuance of Open Source media decoders.

      • by bartash ( 93498 ) on Tuesday November 19, 2002 @05:06PM (#4710544)
        Consumers in both Europe and Japan currently purchase such content with minimal complaint

        What are you talking about? What copy protected content do European consumers purchase? DVDs maybe but I heard they were available in the US too.

        America will actually desire the copy protection if they are told it will lead to better sound and picture quality

        So everyone will believe what they are told? Clearly there is no technical relation between better sound and picture quality and DRM.

        Granted, he was working within the industry

        And you believed what you were told.
      • ...and the rights of copyright holders to be renumerated for their efforts...

        No such right exists. In the strictest sense, I only have a right to however much others are willing to give me for my goods or services. I do not have a right to be paid for what I'm doing irrespective of the willingness of others to pay for it. They have the right to attempt to encrypt what they make, but they do not have the right to criminal or civil action if I break said encryption.

        Admittedly, the law grants them a temporary monopoly on the market for said product, but that is all the law grants, no more, no less. Not everything the law grants is a right, though. Social Security, welfare, and a number of other things that the current law grants for are not rights. Perhaps we should refer to them as copygrants instead of copyrights from now on to make the distinction.

        BG
      • Granted, he was working within the industry, but the devastating piracy figures in a recent poll conducted among computer users made it clear that DRM will save the industry a lot of money.

        How is piracy even costing them money? Even the assumption that each pirated copy is lost revenue is a fallacy since it assumes that all the pirated copies would have been purchased if the pirate copy wasn't available.

        The assumption that pirated copies of anything cause the seller to accrue costs is pure fantasy, unless you're disingenuous enough to include the cost of their antipiracy efforts.

        The fact is that copying content doesn't cost the original issuer anything. I'd only grant them about 10% lost sales due to piracy -- many people who pirate just get it because they can, not because they want it.
      • Yes, degradation will occur in any analog capture of a digital presentation. This degradation will not be a sufficient motive to stop most people from making copies. Once the analog capture is itself digititized, it will not degrade further.

        If care is taken to get a quality analog capture, the degradation may not even be apparent. I believe acceptable rips can be made by filming LCD screens. Darken the room. Toy with the settings on a large quality monitor and quality camera until the result looks as good as you can get it. It wouldn't look that bad at all.

        Even if the result is somewhat degraded, it will be traded anyway. Many of us use lame presets to make the best quality VBR mp3s possible while not wasting disk unecessarily. Most people aren't that careful. The most common type of file on the p2p networks are 128kb MP3s. The quality of those isn't much better than the songs I used to tape off the radio when I was a kid. And the RIAA gets excited about that? Sheesh!

        The ??AAs are smoking crack again. Slight degradation from analog ripping isn't stopping anybody.
    • by Planesdragon ( 210349 ) <slashdot&castlesteelstone,us> on Tuesday November 19, 2002 @04:50PM (#4710412) Homepage Journal
      As long as we can get the encoded version (on the disc) and decoded version (out the speaker or monitor) of media (music, movies) then copy protection is doomed.

      You misunderstand. RIAA doesn't need to make copying impossible--they just need to raise sufficient barriers so that an equal-copy version is harder to get than walking to the store and buying one.

      They don't even have to worry about price right now--they just need to make the most convenient method of getting a copy of re-listenable (as opposed to broadcast) music to get it from them.

      (Yeah, and online delivery would be the best way to get it--but that sorta requires DRM at the moment...)
      • they just need to raise sufficient barriers so that an equal-copy version is harder to get than walking to the store and buying one. ...because this is so much easier than just lowering prices to achieve the same effect.
        • because this is so much easier than just lowering prices to achieve the same effect.

          No, it isn't. It's entirely different.

          I don't bother to try and exchange tapes of anime--even the legal ones--beause it's more convenient to buy it at the store or watch it on TV.

          I _do_ exchange song files, and I try to be legal and buy the CD--but it's so much more hassle to buy the CDs and record the MP3s so they're how I use them than to go out and get the files from someone who's allready done it.

          If RIAA could make a delivery mechanism that was as convenient as Napster was and some P2P networks are, they'd win even if the other network was still cheaper. At least, they'd win this battle, and then they could start fighting the next one.
    • Swell, now you've fixed half of the problem created by this crap. What about the other half: that indy content won't be playable on mainstream consumer equipment, because it will lack the expensive-to-license watermark.

      You'll be able to listen to all the pirated Britney that you want, but your 2012 equipment won't be able to play the bands that you like. You'll have to pull out the old stuff from 2002 to play that music.

  • 'Bout time... (Score:5, Insightful)

    by pla ( 258480 ) on Tuesday November 19, 2002 @04:36PM (#4710295) Journal
    While I agree with one person's comment, that this level of response won't make any difference *policy wise*, it strikes me as an important step that engineers *in the industry* have started saying quite blunty, "this won't work".

    Having a million random geeks say "we can break anything you throw at us" carries little weight - the non-techies coming up with these crackpot schemes just assure themselves that *their* idea will make fools of the collected geeks of the world.

    OTOH, having the very geeks PAID to design and implement these ideas say "uh, well, no, it really won't work all that well" means quite a lot more. Obviously, mr. clueless exec's first response would consist of firing any naysayers. After the 10th or 20th person to say "no, really, this won't work, it doesn't matter if you threaten to fire me", they *might* start to get the idea that they have at least a somewhat difficult goal.

    This might mark a turning point. Not necessarily for the better, since I expect the next set of ideas to involve a lot of annoying-as-hell hardware-level DRM, but since even that will unavoidably fail, we have taken a step toward the road back to sanity.

    I hope. The RIAA and MPAA could always try to get the death penalty for music pirates. ;-)

    "Whad'ja do, man?"
    "Downloaded an MP3 of Brandenberg Concerto #3"
    "Uh, I thought that would have gone PD by now"
    "Nah, when Disney discovered a 14th century precedent for Mickey, they had copyrights retroactively extended back for a full millenium."
    "Bummer"
    "Yeah. But at least I only *downloaded* a copy, I just get flogged plus the standard 20 year sentence. A buddy of mine made Mozart's 19th string quartet available on a file sharing network. Poor bastard, they dragged his wife and kids out into the street and shot them all, then at the actual hearing sentenced him to death by impalement in front of RIAA HQ."
  • by inode_buddha ( 576844 ) on Tuesday November 19, 2002 @04:41PM (#4710332) Journal
    has nothing to do with the machinery, technologies, protocols, etc. It has everything to do with people. Even if the DRM technologies were perfected right now, people would still find a way around it. Why? Because they want to. IMHO we all need to remember that a system isn't just the hardware, software, and logical bits. The system also includes the people; people who create the hardware and software; people who manage and use it; people who create content, etc. People who give it all a purpose. I've never seen any hardware or software that has a purpose by itself; people give it that purpose, and it is reflected in the design. If someone's purpose is to crack DRM schemes, they will probably do so.

    • the REAL reason why DRM will fail has nothing to do with the machinery, technologies, protocols, etc. It has everything to do with people. Even if the DRM technologies were perfected right now, people would still find a way around it. Why? Because they want to.

      Well said! Everyone, repeat after me:

      • You cannot solve technological problems through social means.
      • Conversely, you cannot solve social problems through technological means.
      DRM per se is fine. It's a technology, neither good nor evil. (In an ideal world, of course, it wouldn't be a necessary technology, but that's an argument for another day.) Its de facto application, however, is to attempt to solve a social problem, copyright infringement, hence it is doomed to fail.
  • by crazyphilman ( 609923 ) on Tuesday November 19, 2002 @04:56PM (#4710464) Journal
    I think the real problem with DRM as Hollywood types are trying to implement it is that they're so unimaginative they can't envision a scenario in which online offerings are accessed with anything besides a general-purpose computer. Basically, it's the same old Hollywood problem all over again: they can't picture anything new themselves, so they keep rehashing existing things ad nauseum.

    Instead of trying to wreck or cripple personal computers, why aren't they trying to build a new special-purpose media device with the decryption method in hardware and the case sealed? Doing this would let them implement DRM in any way they chose without interfering with anyone's work, it would give them a new product to sell, and it would probably leave everyone happy. Not just happy; probably delighted.

    Some other benefits of such a product would be that they could control what connectors are installed, they could play with the way the screen is painted so it wouldn't appear well on videotape (remember how old CRTs wouldn't show up well on videotape because of how the scan lines were generated?) and they could build in a temporary storage function which would let you time-shift or do any other thing you wanted.

    Think about it: this would give them everything they want. They could put A/V content on the web in a proprietary encrypted format, so they wouldn't have to worry about all us Linux guys downloading their precious files, people would have access to the content as part of their cable service, they'd get either a cheapo low-end model free or buy the premium system (the cell phone model)... And, everyone is happy. I can browse the non-DRM web with my Red Hat box, or turn on my content system when I want to do something requiring DRM. It's totally win-win.

    Sometimes I think the MPAA and RIAA are asleep at the switch. None of these legal maneuverings are necessary! Build the little custom media system, stop producing videotapes, switch over to encrypted online streams and DVDs, and freakin' relax. Drop the idea that everything has to run on a PC, for Christ's sake.

    Of course, this is just my opinion and they're not going to listen. But, wouldn't it be nice if they did?
    • why aren't they trying to build a new special-purpose media device with the decryption method in hardware and the case sealed?

      You mean like the Micro Music Clip Players [toysnjoys.com]? :-)

    • They could put A/V content on the web in a proprietary encrypted format, so they wouldn't have to worry about all us Linux guys downloading their precious files

      Until some Linux guy puts a proxy between the player and the internet, captures the files en route, and then cracks the proprietary encryption.

      I agree the fundamental problem here is lack of imagination on the part of the **IA members, but I think the real solution will be in the form of making the content compelling enough, and cheap enough, that there'll be no motivation to steal it. Which ultimately means settling for big profits instead of obscene ones.

      The point of the original article seems to be that any DRM, whether in hardware, software, purhased laws, or all three, is doomed to failure.

      • Quoth Larne: "Until some Linux guy puts a proxy between the player and the internet, captures the files en route, and then cracks the proprietary encryption."

        Ah, the reason that proprietary encryption systems have been cracked in the past has been that companies weren't trying very hard to encrypt the data. I see their attempts as token efforts, really. I think if they really, truly made an effort, they'd manage a system that would be very hard to crack. I'm not saying they should use RSA with really huge keys, but surely they can do better than they have in the past. I think you're a little too optimistic about the chances of the home user Vs. a properly funded research effort with an academic staff.

        In my dream system, each system would be given a public and private key at the factory. When the system connected up to the provider, it would transmit its public key. The provider would encrypt for that key, and the viewer would decrypt ONLY within its own memory space.

        You could make the case that some goober is going to strip the cable to the LCD, and try to capture the signal that way, but they can use a proprietary video system, limiting the usefulness of such a thing. And, of course, if it was me, I'd booby-trap the system so that it basically ate itself if a user tried to crack it open. A few dozen volts in a spike across the motherboard, for instance. But that's just me.

        Quoth Larne: "I agree the fundamental problem here is lack of imagination on the part of the **IA members, but I think the real solution will be in the form of making the content compelling enough, and cheap enough, that there'll be no motivation to steal it. Which ultimately means settling for big profits instead of obscene ones."

        Jeez, I keep hearing this, and man, you've got to give it up. Content companies don't want to hear it. They want the obscene profits, and they're willing to destroy YOUR PC to make that happen. My idea is to give them a more palatable, more profitable alternative, let them move away from PCs entirely, and allow all the little children to play nice together. Any solution which requires that content companies actually charge a fair price for their goods is doomed to failure. They're never going to agree to it. Think about it.

        Quoth Larne: "The point of the original article seems to be that any DRM, whether in hardware, software, purhased laws, or all three, is doomed to failure."

        Which I disagree with. DRM as it is currently being considered is of course doomed because it interferes with what people want to do and they're going to rebel. But, done more sensibly, it doesn't have to be that way. Look at the cable television market. I have premium cable, right? And, I have a digital cable box under my TV. Thus, I have access to like, fifty movie channels and so on and so forth, and my neighbor can't see them even if he taps my cable because he doesn't have the console. So it doesn't matter if he taps it or not.

        Descramblers do exist, but cable companies regularly short them out with brief bursts over the line, and they have ways of detecting them and sending out an angry "cable guy".

        Anyway, most people like the service as-is, and get the set-top box. It's cheap, it's no hassle, and it works great.

        My point is, if the technology is as streamlined and unobtrusive as the cable set-top box, everyone will have one and no one will bother trying to defeat the DRM in it. It just won't be worth it. The system itself will be cheap enough that everyone will have a copy, and that'll be that. You'll be able to get content subscriptions of some sort, and there'll be pay per view and other special purchases -- kinda like cable.

        I just think everyone's looking at this situation in the wrong way.

    • I think your suggestion was the smartest thing i have read in years. A PC is easily modified and programmable and thus always breakable. A sealed custom made system would be much harder to break. Your solution is the best one ever. If you dont want something pirated, dont ever put it on a PC!

      Damn smart, im impressed!
    • by sqlrob ( 173498 ) on Tuesday November 19, 2002 @05:49PM (#4710870)
      Instead of trying to wreck or cripple personal computers, why aren't they trying to build a new special-purpose media device with the decryption method in hardware and the case sealed? Doing this would let them implement DRM in any way they chose without interfering with anyone's work, it would give them a new product to sell, and it would probably leave everyone happy. Not just happy; probably delighted

      You mean like DIVX? We all know how well that worked

  • How typical (Score:2, Insightful)

    by kkith ( 551310 )
    How typical of Microsoft.

    Notice that everyone else uses .pdf (somewhat more Linux friendly) and the
    two representatives of MS posted .doc (save the paper from the Law paper)
    as if they were accentuating the fact that they were from Microsoft and too
    good for .pdf
  • The intention of DRM (Score:5, Informative)

    by Superfreaker ( 581067 ) on Tuesday November 19, 2002 @05:04PM (#4710522) Homepage Journal
    I am developing a DRM solution for a major record label. I am a loving slashdot poster and feel the same as all of you. But the client wanted it and I had to oblige or not get the contratc.

    I had to implement Windows DRM on Windows Audio files. The Windows DRM server is a mess. With no support, incomplete and documentation that flat out LIES. They LIE repeatedly through the documentation, or they simply make statements in one instance that directly conflict with others. FYI, the windows development community is outstanding. There are tons of free apps and sample code. This is the first time I've ever had to rely soley on MS for support as there is no community for DRM. It was a horrible experience.

    With all of that aside, I did get it built. The record companies know how well DRM works, especially on .wma files. I had the same opinions of the recording industry as many of you. Like "they are dumb, they should be doing..." What you (and I) don't realize, is that they have access to much more information than we do. They DO know everything. They DO have their reasons for their implementation.s They have thought it out.

    They don't care if DRM only partially works. That is all it needs to do. With the low costs of distribution, they can model the risk/reward, profit/loss easily. Volume is the key in the recording industry.

    Many people WILL buy the albums/songs regardless if the technology can be circumvented. ANY technology on any platform has their open flaws, this is just another. As we all do, they play the %'s.

    My $.02, it may not mean much, but I have seen it all in a new light.
    • "Many people WILL buy the albums/songs regardless if the technology can be circumvented. ANY technology on any platform has their open flaws, this is just another. As we all do, they play the %'s."

      I don't think so. Look at Divx. It failed very quickly and it had all those "smart guys that know everything" looking at it.

      I think if content is locked down so well that average people could never copy it, then it will be ignored. People will simply gravitate to some other form of entertainment.

    • So, you're saying DRM won't stop the pirates, it only inconviences and takes away fair use rights from legitimate customers, *and* the record companies know this.

      What we really need are laws to make that sort of thing illegal, instead of the laws that actually legalize it. The whole thing is backwards.
    • Most windows developer documentation is a mixture of lies and statements that are either no longer true or statements that are only true in a mysterious parallel universe where things get designed. Whole books about windows are outright lies, like Inside Windows NT, that has whole chapters about things (like the memory manager and how it expands its swap space dynamically) that are blatantly untrue to anyone who has used up their memory space.

      Welcome ot the worlds of windows programming.
    • by deblau ( 68023 )
      I am developing a DRM solution for a major record label. I am a loving slashdot poster and feel the same as all of you. But the client wanted it and I had to oblige or not get the contract.

      I hate to break you the bad news, because I like loving slashdotters, but you're part of the problem. I don't blame you, because the job market sucks right now, but nevertheless there we are. You see, ??AA only succeed because they can hire bright guys to code them stuff. The best way to kill them is to go after their braintrust. If this means refusing a job on moral grounds, so be it. Easy to say, hard to do, especially in this environment, but I personally have done it, and I'm not exactly swimming in cash. I have a mortgage payment due the first of every month, and I may have to sell my house soon to cover expenses. But I won't work for the MPAA or RIAA. I'd sooner put my college degree to good use flinging burgers at a local grease joint.

  • Is PKI the answer? (Score:3, Insightful)

    by autopr0n ( 534291 ) on Tuesday November 19, 2002 @05:04PM (#4710523) Homepage Journal
    Actually, I think it is possible to create a DRM-Happy world. Just put PKI on everything and encrypt everything with it. Use decently sized keys, etc. If you manage figure out how to get the private key out of a device, the bad guys just need to refuse to re-certify that device and give it a new private key (all of these devices will need some kind of network connection. Could be a big boon to pervasive wifi...)

    Of course, all of the information will be able to be 'downgraded' to old formats by redigitizing the analog signal. But with legislation like SSSCA/CDPTPA (or whatever) anything that can do that is illegal. illegal doesn't mean inaccessible, but it's probably good enough for the RIAA/MPAA/Microsoft.

    It won't be perfict, but you can't have perfectly secure communication either (what with keyboard sniffers and the like). That doesn't mean you can't get very, very close.
  • Given that the last couple of big movies, the pirate copy was made with a cam-corder.

    Given that having people distribute home made movies is legal, and in fact, something that should be encouraged.

    Making said movie in a movie theater while a film is showing, THAT isn't legal, but I don't see a technological solution to where people point their cameras
  • by daedalus22 ( 449463 ) on Tuesday November 19, 2002 @05:10PM (#4710574)
    Digital copy protection schemes are usesless because it only take a good capture of the presentation of the material to defeat. Examples:
    analog recording of stereo audio output from a
    CD player; video camera in the movie theater. So long as the capture device can reproduce good enough quality of the presentation, it's a moot
    point trying to protect the source.

    The solution is not to lock up the source, but to
    produce new content with quality that far outpaces the ability of capture devices to reproduce/re-transmit it.

    Come on! Bring out the HDTV, HD-DVD, SACD, and holographic video and change people's definition
    of "good-enough". It's still gonna be years before
    the bandwidth is there to mass re-distribute contents of such high quality. If people are accustomed to watching color TV, would they revert to swapping tapes of black and white? The music/movie industries need to invest in their next big thing, and give consumer a reason to spend their money on something of extra value. Their old chicken that lays golden eggs is dead.

    Eventually, there will come a point where technology would outpace human's ability to perceive any increase in quality. (Who needs
    128bit color depth, when 32bit is more than quite
    sufficient?). But it'll be a long time before the average joe gets a holodeck it his livingroom.
    • Dude, this is perhaps the most insightful comment I've read all week! I wish I had mod points right now.
    • Yes and no.

      First off, the percieved quality has to have additional value. If this doesn't happen, then everything else is doomed. Case in point is audio: MP3 is "good enough" for most things, and offers benefits (physically small devices that can hold a catalog of music) beyond the traditional media. Better quality audio is nice, but the most ubiquitous use of music is background: people wouldn't pay 10x as much for things that they appreciate more 10% of the time.

      The second, and possibly more important issue is that the content cartel wants new distribution means; they want to be able to rent movies to people over their internet connection. The problem is that this will never provide the level of security they feel is necessary.
  • by pridkett ( 2666 ) on Tuesday November 19, 2002 @05:13PM (#4710603) Homepage Journal
    that I got out of the papers so far, is that if I want to rip copy protected audio CDs, I'll get a plextor drive and use CD Paranoia (see this paper [stanford.edu] for more information).
  • by Duderstadt ( 549997 ) on Tuesday November 19, 2002 @05:14PM (#4710607)
    From the Microsoft Paper [stanford.edu]:

    I see three specific areas of work that are key adoption blockers today and ripe for further academic and commercial research. The lack of widely-available trustworthy computing devices, robust trust management engines and a general-purpose rights expression/authorization language all hamper industrial development and deployment of DRM systems for digital content.

    Translation:

    1: For DRM to work, everyone in the content must be running a secure OS (presumably Windows) on specially designed hardware AND

    2: A system in place on the client (presumably the .NET CLR trust management engine) must authenticate every executable on the client before execution AND

    3: All content providers must use a language (presumably MS's XRML - eXtensible Rights Management Language) to 'encode' documents and executables for number 2, above.

    Basically, MS is saying: if you want DRM, OSS and 'general purpose' computing devices must go away. And of course, you must serve your media using Windows.NET Media Server.

    • by Chris Brewer ( 66818 ) on Tuesday November 19, 2002 @07:07PM (#4711434) Journal
      So what you're saying is:

      1. Hollywood wants DRM and wants the US.gov to add some laws to make it mandatory.
      2. MS is saying that for DRM to work, everyone needs to have the latest version of Windows.
      3. DoJ (a subsidary of US.gov) has proved in a court of law that MS is a monopoly and that is a no-no.

      Conclusion: The US.gov has said that MS is not allowed to be a monopoly, yet is being paid by Hollywood to make sure that it becomes even more of a monopoly.

      I can see the .gov agents buying their bus tickets and carrying their buckets of water...
  • by Xcott Craver ( 615642 ) on Tuesday November 19, 2002 @05:23PM (#4710668)
    The 5th Information Hiding Workshop took place just a short while ago, and similar attitudes were aired---not just in coffee breaks between sessions, either.

    One very prominent researcher asked the entire audience to consider whether or not they really believe that DRM marking will ever be a possibility, and to consider the consequences of publishing Yet Another Copyright Marking Scheme. A similar frank comment appears in the preface to the 3rd IHW proceedings, 3 years earlier, which had a lot of watermarking papers.

    What is new is a sense of the conference being part of the overall policy machine. When people publish YACMS, vulnerable to the same collection of attacks, they contribute to this mass of research which Jack Valenti et al perceive as proof that maybe it is possible after all, despite the insistence from the tech sector that it is not.

    Xcottt

  • by seaan ( 184422 ) <seaan@concentri[ ]et ['c.n' in gap]> on Tuesday November 19, 2002 @05:34PM (#4710757)
    The paper [stanford.edu] "Implementing Copyright Limitations in Rights Expression
    Languages
    " is the one I found most interesting. Mulligan and Burstein talk about how to implement the copyright act using a "Rights Expressions Language". They use XrML as a starting point, and go on to describe a whole bunch of issues.

    I've often said the most complicated part of making a "fair" DRM (as opposed to one that just simply allows the copyright holder to do whatever they want) is to accomidate fair-use. After all, if the definition of fair-use requires lots of supplemental information and is hard to define even for a judge, what chance does a computer system have of making the right decision? This paper takes the bull by the horns, and starts trying to figure it out.

    I wish we could get all of congressman to read the first two sections of this document! It does very through job of explaining how many existing checks-and-balances the DMCA removed, all in favor of the copyright holders! I know of few other examples where so much law has been invalidated with so little thought.
  • "Darknet" paper (Score:3, Interesting)

    by phsolide ( 584661 ) on Tuesday November 19, 2002 @05:47PM (#4710855)

    I had a look at the "Darknet" paper [stanford.edu] written by Peter Biddle, Paul England, Marcus Peinado, and Bryan Willman all of Microsoft Corporation.

    It's really strange. Some aspects of it seem to pander very crudely to the MSFT bias towards single-user computers - the authors miss out on usenet as a "darknet" completely and they date "Internet" darknet activities to 1998. I can recall FTP'ing scanned playboy centerfolds from wustl.edu as early as 1989 - it was almost a year to the day after the Morris internet worm struck. At the same time the conclusions are very anti-MSFT-corporate-worldview: the authors conclude that some form of "darknet" will always exist for various reasons. This collides directly with MSFT's TCPA and Palladium and general piracy-crackdown viewpoint.

    I can only conclude that some faction inside MSFT doesn't like or believe in the MSFT-corporate direction to include copy protection (a.k.a. DRM) in the OS and this paper is a sort of sermon in the void to warn the CEO/COO/C?? against putting all the MSFT eggs in one basket.

    Or perhaps the authors are trying to run the plot of their latest cyber-thriller up the flagpole to see who salutes it.

  • DRM is Step Two (Score:3, Insightful)

    by Wintermancer ( 134128 ) on Tuesday November 19, 2002 @05:53PM (#4710895)
    Let see here....

    1. Produce multi-million dollar movies and distribute them
    2. ???
    3. No profit due to Step 2 [slashdot.org]

    Revise:
    1. Produce multi-million dollar movies and distribute them DRM
    2. ???
    3. NO PROFIT! Who-hoo!

    Sounds like the same-ol'-same-ol' to me....
  • I remember... (Score:2, Insightful)

    by sbwoodside ( 134679 )
    ... having a conversation with a pretty sharp friend of mine at school about all this crap about four years ago. It seemed to me as though all of these efforts to create copy-protection (the old name for DRM) were totally useless because you /can't/ protect the data. There's always a way around it. This is not encryption people. This is like saying "I want to give you something and not give you something at the same time." How the hell do you do that? You don't, that's how.

    Consider watermarking. If I know there's a watermark in the data, I can fiddle it until I understand the watermark and remove it. Like other people have said, any decryption key has to be in memory /somewhere/ ... so the best thing any programmers can do is just try to hide it through obfuscation. Since there is no REAL way to actually protect the data, instead we're going to be deluged with hare-brained schemes that just make it harder and harder for us to do what we want with our data.

    So, DRM == copy protection. Anyone else remember where copy-protection went with games and everything for the first 15 years of commercial software? More and more annoying, until finally the companies gave up. Same thing will happen with DRM unless the antagonists can learn from history.

    As far as legislation, and "secure" platforms go ... sure that might work, hypothetically. But I hope and pray that the public won't take it.

    simon

"It's my cookie file and if I come up with something that's lame and I like it, it goes in." -- karl (Karl Lehenbauer)

Working...