Linux and DRM?

xgyro asks: "In light of the recent agreement between MS and Disney, and many calling for 2004 to be the 'Year of the Linux Desktop' does Linux have comparable DRM system to allow for distribution of protected content? Linus Torvalds has already endorsed DRM on the Linux platform. Possibly by coincidence, this company has announced a product that seems to provide for some possibilities. Will other companies follow suite? As a employee of a large content provider, what current options are out there for groups that want to deploy protected content on Linux?"

DRM is not kernel related

[Tirel]

if DRM will ever live, it'll be on application level. Can you imagine running a server with DRM enabled? I sure can't and that's why it'll never get into the mainstream kernel. Sure, there might be patches, but what's the point of having DRM on a few machines if the others can just access the data without restrictions?

Keep Linux DRM free

[Anonymous Coward]

It is the idea of having full control over your own content on your own machine that is one of the things that makes Linux so attractive compared to the "Cyber-Singapore's" of MS Windows and Mac-OSX.

No need for DRM

[rudy_wayne]

There is no legitimate need for Digital Restrictions Management.

Your content is already protected. By copyright law.

There is no legitimate need to introduce additional restrictions that prevent me from doing what I want with materials that I have legitimately purchased.

Broken business model

[Rick the Red]

DRM is a broken business model. Linux is never going to play these DRM'd Disney movies, because they'll require Microsoft's DRM and Microsoft will never allow that on anything but MS Windows. You'll see "Microsoft Office for Linux" before you see that.

If your Linux box will never play Microsoft DRM media, what will it play? You may offer a DRM scheme for Linux, but what content provider will adopt it, given Microsoft's monopoly on the desktop? Indeed, if DRM becomes widespread, I predict that TiVo is toast.

But I also predict that DRM will go the way of software copy protection and DIVX; Disney certainly won't sell me any DRM movies. Pay Eisner every time I view "Dumbo"? Sure -- I'll just never watch "Dumbo" again. One penny or one million dollars times zero viewings is the same royalty, Mikey. I lived without home video before (pre-1980s), and I can live without it again. Who's the dumbo in this scenario? Those who fail to learn from history (DIVX) are doomed to repeat it.

Re:well,

[EhhJames]

Linus only mentioned it has a "place" in Linux, and NOT AGAINST IT. Linux makes an extemely poor choice as a desktop platform right now, for anyone wanting to deliver any type of protected content. Linux has ZERO capabilies to deliver any media that is not OPEN. How can the open community expect to even get a "look" from from contenet providers. DO NOT confuse OPEN software with FREE.

One option is treating your customer with respect

[orthogonal]

As a employee of a large content provider, what current options are out there for groups that want to deploy protected content on Linux?"

Sell your product at a fair price, one that's low enough that most users will find it more convenient to buy than to pirate (surely your servers can deliver bandwidth faster and more reliably than P2P, right?). Learn from Baen Books -- Baen actually gives away books hat are a few years old, and in a convenient variety of formats. Baen makes money off this when readers buy sequels in hard-copy.

Sell your product in a an open format so that your customers can read it or listen to it with the applications and on the OSes they've become comfortable with. Learn for the Real Player debacle, and note how many people have said that no video is compelling enough to get them to install RealPlayer. Don't get your ass caught in the same vise.

Recognize that DRM or nor, some piracy is inevitable. Don't let this fool you into alienating the vast majority of your honest customers in a vain attempt to prevent piracy by a tiny minority that probably would never but your product anyway. learn from the Intuit debacle; count the number of customers who will never return to Intuit.

Trust and respect your customers, and many will extend that same trust and respect to you: I've gotten nearly 8000 non-DRM'd mp3s from emusic.com, and I won't even share them with friends -- because emusic showed me it trusted me, and I don't want to abuse that trust.

copyright (c) 2004, not-the-Gartner-Group

DRM and Free Speech

[dismentor]

For a community that is based on the concept of 'free speech' and open systems, I doubt there will be much interest or support on a Digital Restriction Management system.
Due to the nature of any DRM system, it has to act as a black box which is contrary to the beliefs of the community. We will not want to support it, or, probably, even install it.
Due to the nature of free software, we rely on people to do the right thing just as much as other copyright holders; this will not change although some notable companies have abused this. If your company doesn't want to respect us, we are not interested.
Copyrighted works are protected by law and to the extent permitted by the law only, anything further, like stopping non-restricted copies, starts stepping on our rights and we will not be interested in letting that fly.

Re:No need for DRM

[Elwood P Dowd]

That's incorrect. There are plenty of legitimate needs for Digital Restrictions Management. Not to protect anyone's "content" but your own. That is, you might want DRM hardware that can prove to you that all the trusted code you're running has been signed by Linus Torvalds. That's the "endorsement" Linus made: Some day, it's imaginable, that there could be valid uses for DRM. Valid restrictions that you might choose to place upon yourself.

You are correct, however, in that there is no legitimate need to introduce additional restrictions that prevent you from doing what you want with materials that you have legitimately purchased. Howard Berman can fuck himself. But DRM isn't inherently evil; It's DRM + fucked up laws.

Re:well,

[Phillup]

While it may not have a place on the desktop (which I don't agree with...) it does just fine in the living room.

Like my TIVO.

And that, IMHO, is much more relevant to the subject of DRM.

And, I predict that the most effective DRM system will be an "Open" one. Only intense scrutiny will be able to create a system strong enough to work. (For various definitions of "work";-))

Re:One option is treating your customer with respe

[Anonymous Coward]

Trust and respect your customers, and many will extend that same trust and respect to you: I've gotten nearly 8000 non-DRM'd mp3s from emusic.com, and I won't even share them with friends -- because emusic showed me it trusted me, and I don't want to abuse that trust.

That, and I'm not sure they're not watermarked with a personal identifier :).

~~~

Just to clarify......

[xgyro]

Ok, so maybe the word "endorse" was a little strong... however... I think what Linus is trying to say is there IS A PLACE for some type of encryption/DRM/content protection in the Linux world. In order to build out certain business models based on Linux platform, data/content protection is needed. Or MS will only increase their grasp on the world. Some business models require content protection; Adobe provides a (somewhat) protected document security, what about other files such as business docs/personal info/media documents? How can we protect our content across Linux platforms? I'm not speaking specifically to DRM in movies/music, rather from a broader perspective. Any products out there other than the one mentioned?

Re:Keep Linux DRM free

[Weird O'Puns]

If DRM does gets into linux kernel it will be optional and nobody will be forced to use it. Due to the fact that all of kernel source is open you can't really force anybody to use some functionality they don't like. And as many people have already pointed out Linus didn't actually endorse it. Hell, he doesn't even like it.

Fundamental flaw

[Fubar420]

DRM exists, with one fundamental flaw. It is, at least in every form currently explored, fundamentally impossible.

It relies on encryption of data, and for arguments sake, it doesn't matter how. Now the player must be able to decrypt this media some how. The choices are:

1) Universal key (DeCSS anyone?) As soon as it's exposed somewhere it shouldn't be, its taken, and used on any media you'd like

2) Licensing server: Will issue a license for some period of time, during which you can view in a registered player, Perhaps you can renew, perhaps you cant. Regardless though, the key used to decrypt the media for playing, has to be transmitted somehow. Lets imagine it is encrypted and somehow sent to the playing device. Regardless, said device has to be able to read that key, and if it can do that, so can somebody else. Should the device have a general pub/priv combo for talking to the server, those keys could be comprimised, or again, the real decryption key can be compromised from one of a million already demonstrated means.

3) Hardware solution, locked up device, unaccessible from software. This could work, so long as the hardware is such that it cannot be accessed, but as we have seen time and time again, people are willing to take apart their boxes to see what makes them tick (XBox + Linux, or any modchip solution to any system).

Regardless of what you do, even barring that "somehow" [ ;-) ] you dont just capture the output (VGA capture works well here, since they all output to monitors at some point), you have to decrypt the data. The data exists SOMEHOW.

And as strong as encryption is, the will for people to piss off the media conglomerates is too strong. End of the day, if the data can be decrypted, then your key is whats in jeopardy. If the key is encrypted somewhere, than it's decrypting key is the target. So on, and so forth.

You can make it difficult, but without (literally) an armed guard sitting there w/ a bucket of popcorn to "help" you watch the movie, there is a weak point.

(and to add to that, humans become a factor, armed guards can be bribed, just like anybody else).

Just my 20 pesos.