Forgot your password?
typodupeerror
The Courts Government Software Linux News

Linux and DRM? 88

Posted by Cliff
from the stuff-to-think-about dept.
xgyro asks: "In light of the recent agreement between MS and Disney, and many calling for 2004 to be the 'Year of the Linux Desktop' does Linux have comparable DRM system to allow for distribution of protected content? Linus Torvalds has already endorsed DRM on the Linux platform. Possibly by coincidence, this company has announced a product that seems to provide for some possibilities. Will other companies follow suite? As a employee of a large content provider, what current options are out there for groups that want to deploy protected content on Linux?"
This discussion has been archived. No new comments can be posted.

Linux and DRM?

Comments Filter:
  • well, (Score:5, Informative)

    by pb (1020) on Wednesday February 11, 2004 @02:18PM (#8250929)
    Linus didn't exactly endorse it, you know. And I think you'll find that DRM systems, by and large, are unwanted and insecure. If you can access the content, then you can strip it of its protections.
    • Re:well, (Score:2, Insightful)

      by EhhJames (751475)
      Linus only mentioned it has a "place" in Linux, and NOT AGAINST IT. Linux makes an extemely poor choice as a desktop platform right now, for anyone wanting to deliver any type of protected content. Linux has ZERO capabilies to deliver any media that is not OPEN. How can the open community expect to even get a "look" from from contenet providers. DO NOT confuse OPEN software with FREE.
      • Re:well, (Score:4, Insightful)

        by Phillup (317168) on Wednesday February 11, 2004 @02:56PM (#8251412)
        While it may not have a place on the desktop (which I don't agree with...) it does just fine in the living room.

        Like my TIVO.

        And that, IMHO, is much more relevant to the subject of DRM.

        And, I predict that the most effective DRM system will be an "Open" one. Only intense scrutiny will be able to create a system strong enough to work. (For various definitions of "work";-))
      • Re:well, (Score:2, Informative)

        by ichimunki (194887)
        Linux has ZERO capabilies to deliver any media that is not OPEN.

        So in that respect it's really not that different from all the other operating systems on the market, now is it?

        Protecting content is a waste of time because humans can only experience the content via analog methods. Meaning: there is always going to be a weak spot. Not only that, every single attempt at a DRM system to date has been cracked-- unless you consider the various encryption tools out there, like PGP/GnuPG... and even those suf
      • Linux has ZERO capabilies to deliver any media that is not OPEN.

        Seems like it's been doing fine with real's closed format and codecs for quite a while. Even aside from their closed source player for linux, real's helix player is a nice compramise. It keeps real's codecs closed, but allows for development or modification of things like the gui or which sound api to use.
  • by MobyDisk (75490) on Wednesday February 11, 2004 @02:20PM (#8250968) Homepage
    ...Linus Torvalds has already endorsed DRM on the Linux platform...

    Quoth Linus:

    "I also don't necessarily like DRM myself...I think you can use Linux for whatever you want to--which very much includes things I don't necessarily personally approve of."

    That's not exactly a ringing endorsement. If it is, then Linux could be construed to have endorsed browsing Slashdot, child porn, and writing viruses.

  • by npsimons (32752) on Wednesday February 11, 2004 @02:24PM (#8251016) Homepage Journal

    Linus Torvalds has already endorsed DRM on the Linux platform.

    Linus did NOT "endorse" DRM on Linux; he merely said he wouldn't disallow it.


    Geez, talk about RTFA. Now the posters don't even bother to do it.

  • by Anonymous Coward
    It is the idea of having full control over your own content on your own machine that is one of the things that makes Linux so attractive compared to the "Cyber-Singapore's" of MS Windows and Mac-OSX.
    • If DRM does gets into linux kernel it will be optional and nobody will be forced to use it. Due to the fact that all of kernel source is open you can't really force anybody to use some functionality they don't like. And as many people have already pointed out Linus didn't actually endorse it. Hell, he doesn't even like it.
      • Though if the TCG gains control then you will be forced to use what ever OS they approve you to use (and it will have DRM built in to every level, hardware and software)
    • The kernel to MacOSX is completely open-source, actually.
      I know, I've compiled it myself.

      http://www.opensource.apple.com/darwinsource/10. 3. 2/

      It's called 'xnu'

  • No need for DRM (Score:5, Insightful)

    by rudy_wayne (414635) on Wednesday February 11, 2004 @02:29PM (#8251081)
    There is no legitimate need for Digital Restrictions Management.

    Your content is already protected. By copyright law.

    There is no legitimate need to introduce additional restrictions that prevent me from doing what I want with materials that I have legitimately purchased.
    • There is no legitimate need for Digital Restrictions Management
      You misspelled "Mandate"
    • Re:No need for DRM (Score:5, Insightful)

      by Elwood P Dowd (16933) <judgmentalist@gmail.com> on Wednesday February 11, 2004 @02:45PM (#8251292) Journal
      That's incorrect. There are plenty of legitimate needs for Digital Restrictions Management. Not to protect anyone's "content" but your own. That is, you might want DRM hardware that can prove to you that all the trusted code you're running has been signed by Linus Torvalds. That's the "endorsement" Linus made: Some day, it's imaginable, that there could be valid uses for DRM. Valid restrictions that you might choose to place upon yourself.

      You are correct, however, in that there is no legitimate need to introduce additional restrictions that prevent you from doing what you want with materials that you have legitimately purchased. Howard Berman can fuck himself. But DRM isn't inherently evil; It's DRM + fucked up laws.
      • Absolutely.

        I know that Hollywood is going to have a major use for DRM: proving who did and did not have access to submitted materials when.

        You would not believe how much work and money it takes to prove that you didn't steal your idea from someone's spec script / treatment / whatever. DRM gives studios a way to manage information in a way that can be demonstrated to a court, and which has much better defined security characteristics (note: not perfect, just better defined which matters a lot).

        DRM is a go
      • Finally something insightfull... well said!
      • Why does one needs DRM (rather than a trusted copy of Linus Torvalds' public key) to make sure you've got a copy of the code signed by Linus Torvalds?

        The way I figure it, cryptographic signatures don't inherently restrict me from doing things with the code (technologically speaking) but DRM is designed to make sure I can't do what I want with the code unless I'm granted permission to do so by the copyright holder.

        I can see that someday someone might come up with a desirable application of DRM, but I don't
        • cc hack [wbglinks.net] is why one needs DRM in order to make sure you're running a copy of the code signed by Linus Torvalds. There are a number of ways DRM could be useful to computer users. Especially inside companies, where it's important that each person have carefully limited capabilities so that they do not accidentally do harm to their own data. Look at Windows Rights Management Server. It's no where near perfect, but provides interesting features that are impossible without DRM.

          But that's not what you misunders
          • I still don't see how a compiler that can compile a backdoor into a program and propagate its backdoor compilation code to compilers it compiles would be stopped if I had a DRM system in place--that seems to me to be passing the buck. Who's to say I can trust the DRM program? Why not distribute signed binaries of a compiler I can trust? Why would I want my entire free software operating system to contain a proprietary DRM program (it seems to me if the big media corporations are going to trust DRM, the D
            • Who's to say I can trust the DRM program?

              That's up to you and your DRM hardware. You can be guaranteed that only your chipset manufacturer could have built in backdoors. No, DRM doesn't have to be proprietary. It has to have open standards, at least, since Intel is going to want you to be able to run Lunix on it.

              But what's to stop a coworker who has a copy of that file from using a different program to read the file, then copying the data as normal?

              Strong encryption is what's to stop them. But that's
    • If your post isn't flamebait, then my name isn't George W Bush.

      Wait...
    • "Your content is already protected. By copyright law."

      Oh yeah, THAT'S ironclad protection.

      Ask the record companies how much protection that's given them. Better yet, ask Sharman Networks. You'll either get a hearty laugh, or a "No Comment".

      • Ask the record companies how much protection that's given them. Better yet, ask Sharman Networks. You'll either get a hearty laugh, or a "No Comment".
        I am currently undergoing a cardiac haemmorhage on their behalf.
      • Yeah... why don't you ask the record companies how much protection that's given them. Over the past 100 years, I'd say it's worked out pretty fucking well for content distributors. Maybe it's beginning to turn around now, but that's a nice, big pile of cash they've extorted from the producers and the consumers. They might whine, but that's because they're still used to the government creating their business. If copyright law is so impossible to enforce, maybe that indicates that there's something wrong wit
    • Re:No need for DRM (Score:3, Interesting)

      by kinnell (607819)
      There is no legitimate need for Digital Restrictions Management.

      Quite. But that's not what the question was. Disney will be releasing films online with Microsoft DRM whether we like it or not, and the submitter wants to know if it will be possible to watch them on a linux box. Many other film companies may well follow suit.

      If there is no DRM support on linux, then Microsoft will have extended it's monopoly to digital film distribution. Which is bad, even if you and me have no intention of ever buying

      • So, rant aside, I believe the issue is that the DRM in question is proprietary, and won't be available on linux until someone cracks it, like CSS.
        --------
        Which will take like what, twenty minutes? Maybe half-an-hour if the guy stops for a beer?
  • by Rick the Red (307103) <.Rick.The.Red. .at. .gmail.com.> on Wednesday February 11, 2004 @02:30PM (#8251098) Journal
    DRM is a broken business model. Linux is never going to play these DRM'd Disney movies, because they'll require Microsoft's DRM and Microsoft will never allow that on anything but MS Windows. You'll see "Microsoft Office for Linux" before you see that.

    If your Linux box will never play Microsoft DRM media, what will it play? You may offer a DRM scheme for Linux, but what content provider will adopt it, given Microsoft's monopoly on the desktop? Indeed, if DRM becomes widespread, I predict that TiVo is toast.

    But I also predict that DRM will go the way of software copy protection and DIVX; Disney certainly won't sell me any DRM movies. Pay Eisner every time I view "Dumbo"? Sure -- I'll just never watch "Dumbo" again. One penny or one million dollars times zero viewings is the same royalty, Mikey. I lived without home video before (pre-1980s), and I can live without it again. Who's the dumbo in this scenario? Those who fail to learn from history (DIVX) are doomed to repeat it.

    • by Phillup (317168) on Wednesday February 11, 2004 @03:04PM (#8251520)
      Linux is never going to play these DRM'd Disney movies

      Oh... it'll play them. They just won't be DRM'd when it does.

      Ever buy a Disney movie? I've got a two year old... and Disney wants to shove 13 previews down your throat before you can watch the main attraction.

      So... the first thing I do with a Disney DVD is rip the movie and burn it to another DVD. Insert and play... without the previews.

      If anything, they are contributing to the problem of privacy... because I now have a Disney DVD that is of no use to me (the original) and I'm tempted to sell the damn thing.

      Believe me, MS DRM will be cracked... and you'll be able to watch it on your Linux box... and paying for it will be your choice.

      All because of the bad choices they have made.

      P.S. None of this is meant to condone illegal behavior. Nor is it meant to condone bad behavior on the Corp's part.
      • by Anonymous Coward
        As soon as you sell your full copy then you are bound by law to destroy your "back-up" copy with the ad's stripped out.

        If you strip out the ads does that make the resulting re-burn a "derived work"? I guess it depends on if the DVD as a whole is under CR, or if it contains multiple parts each under CR?

        • Yes, I know.

          My point was that Disney created a situation where I have two copies... one of which I don't want.

          They have created a product where the desired version is not the legitimate version. The desired version is "fixed" of the "flaws" they intentionally put in the product. (Excessive advertisement and/or ads that can't be skipped.)

          The same thing will happen with DRM. It will get "fixed" and people will prefer the "fixed" version over the legitimate version.
    • According to Robert Scoble [weblogs.com], Microsoft has no problem with Windows Media DRM support on Linux devices.
      • I believe he's talking about stand-alone devices like iPods, not general purpose PCs, which -- if true -- would contradict my TiVo prediction. But I'll believe it's true when I see it, and I don't believe we'll ever see it on a non-Windows desktop.
  • by orthogonal (588627) on Wednesday February 11, 2004 @02:35PM (#8251170) Journal
    As a employee of a large content provider, what current options are out there for groups that want to deploy protected content on Linux?"

    Sell your product at a fair price, one that's low enough that most users will find it more convenient to buy than to pirate (surely your servers can deliver bandwidth faster and more reliably than P2P, right?). Learn from Baen Books -- Baen actually gives away books hat are a few years old, and in a convenient variety of formats. Baen makes money off this when readers buy sequels in hard-copy.

    Sell your product in a an open format so that your customers can read it or listen to it with the applications and on the OSes they've become comfortable with. Learn for the Real Player debacle, and note how many people have said that no video is compelling enough to get them to install RealPlayer. Don't get your ass caught in the same vise.

    Recognize that DRM or nor, some piracy is inevitable. Don't let this fool you into alienating the vast majority of your honest customers in a vain attempt to prevent piracy by a tiny minority that probably would never but your product anyway. learn from the Intuit debacle; count the number of customers who will never return to Intuit.

    Trust and respect your customers, and many will extend that same trust and respect to you: I've gotten nearly 8000 non-DRM'd mp3s from emusic.com, and I won't even share them with friends -- because emusic showed me it trusted me, and I don't want to abuse that trust.

    copyright (c) 2004, not-the-Gartner-Group
    • by Anonymous Coward
      Trust and respect your customers, and many will extend that same trust and respect to you: I've gotten nearly 8000 non-DRM'd mp3s from emusic.com, and I won't even share them with friends -- because emusic showed me it trusted me, and I don't want to abuse that trust.

      That, and I'm not sure they're not watermarked with a personal identifier :).

      ~~~

      • by orthogonal (588627) on Wednesday February 11, 2004 @03:11PM (#8251596) Journal
        That, and I'm not sure they're not watermarked with a personal identifier :).

        I realize that you're joking, but actually I did check, with the help of an IRC acquaintance.

        He and I both downloaded the same track from emusic -- at different times, just in case you're wondering, as it was a track I'd had for a while --, and then each ran md5sum on our copies. The md5sums matched. and for the truly tin-foil hatted, I had him give me the start of his md5sum first. ;)

        We weren't looking to pirate the tracks, we were just curious, given that emusic in its early incarnation as mp3.com had once boasted of its water-marking technology.
    • Learn for the Real Player debacle, and note how many people have said that no video is compelling enough to get them to install RealPlayer.

      Kind of off-topic, but the fact that, at least on the supported platforms, mplayer plays Real streams quite happily and allows nice things like output to a file, means even if Real was a great format, there is no compulsion to install the proprietary player.
  • The company mentioned in the article really seems to have something. They are cross platform, working the same accros Linux and Windoz. Seems they provide many different options for protecting content. Any thoughts?
  • by dismentor (592590) on Wednesday February 11, 2004 @02:44PM (#8251281)
    For a community that is based on the concept of 'free speech' and open systems, I doubt there will be much interest or support on a Digital Restriction Management system.
    Due to the nature of any DRM system, it has to act as a black box which is contrary to the beliefs of the community. We will not want to support it, or, probably, even install it.
    Due to the nature of free software, we rely on people to do the right thing just as much as other copyright holders; this will not change although some notable companies have abused this. If your company doesn't want to respect us, we are not interested.
    Copyrighted works are protected by law and to the extent permitted by the law only, anything further, like stopping non-restricted copies, starts stepping on our rights and we will not be interested in letting that fly.
    • Due to the nature of any DRM system, it has to act as a black box which is contrary to the beliefs of the community.

      DRM does not have to be a black box any more than PGP needs to be a black box.

      The reason it is being developed in "secret" is so that customers will not be aware that they are being screwed.

      It isn't a technological issue, it is social.

      DRM won't be effective until it is developed using open methodology, IMHO.
      • DRM does not have to be a black box any more than PGP needs to be a black box.

        The difference between digital restrictions management for copyrighted works and GnuPG for secret communication is that use of GnuPG comes with the full cooperation of the machine's owner, who can if he wants intercept the cleartext by patching the source code. The stated goal of many DRM system includes preventing such interception.

        Of course, you could provide the DRM system as source code and have it attest that it hasn't

  • DRM (Score:1, Funny)

    by Anonymous Coward
    Not on my PC.

    Not on my servers.

    Not in my country.

  • by schmaltz (70977) on Wednesday February 11, 2004 @02:52PM (#8251373)
    From the dictionary--

    en*dorse - To give approval of or support to, especially by public statement; sanction: endorse a political candidate. See synonyms at approve.

    This did not happen. The quote from the article which you've fictionalized into an "endorsement" goes something like this--

    "I also don't necessarily like DRM myself," Torvalds wrote on the "Linux-kernel" mailing list. "But...I'm an 'Oppenheimer,' and I refuse to play politics with Linux, and I think you can use Linux for whatever you want to--which very much includes things I don't necessarily personally approve of."

    Please, xgyro [mailto], tell us how you extrapolated "use Linux for whatever you want to...[including] things I don't necessarily personally approve of" into "endorsed"?

    A Microsoft troll, no doubt, but necessary to refute. Fiction becomes myth becomes fact after time.
  • drm rant (Score:4, Interesting)

    by pizza_milkshake (580452) on Wednesday February 11, 2004 @02:56PM (#8251409)
    drm is all about greed -- why let people pay for something once they may use often? why not essentially rent everything instead of selling it. the difference being that the consumer has fewer (any?) rights over the product, be it a piece of software or media, and the consumer pays more to whomever holds the rights. this is in direct conflict with the concept of Free Software.

    <rant> microsoft has been trying to get customers to convert over to a subscription plan for their software and no one is doing it. why not? because no one wants to pay more, rely on a vendor more and give up ownership... and for what? there are no real benefits.

    business people get a hard-on for subscription services that work because they make more money than other types... but the thing they don't realize is that subscription services that succeed do so because consumer want them and are willing to pay for the service. the current state is "let's make everything a service and try to convince consumers to pay for it".

    no matter how powerful corporations become they are still at the mercy of consumers' money. assuming the majority of Joe Consumers aren't stupid enough to pay more money for less in exchange for some crap stamp of approval by the bastards who are charging you, DRM will never take off. of course, that won't keep business folks from trying, because all they have to do is wave (people with internet access * media per consumer * viewings per day) in front of a VC and say "if we could just capture 0.01% of that I can forecast 1000000% sustained growth". of course the problem is that the only way for DRM to succeed is for their to be no choice, because no one would choose to pay less for more. </rant>

    • Re:drm rant (Score:3, Interesting)

      by kent_eh (543303)
      of course the problem is that the only way for DRM to succeed is for their to be no choice, because no one would choose to pay less for more.

      And how long do you think it'll take the content distributors to figure this out and make it so?

      Even if it was only 3 or 4 big media companies who got together on it, that would be a large majority of the content only available in DRM "enhanced" format.
      The masses will grumble about having to upgrade their DVD/CD players, but the producers will subsidize that (" tr
  • The Right to Read (Score:5, Interesting)

    by Anonymous Coward on Wednesday February 11, 2004 @02:56PM (#8251418)
    This article appeared in the February 1997 issue of Communications of the ACM (Volume 40, Number 2).

    (from "The Road To Tycho", a collection of articles about the antecedents of the Lunarian Revolution, published in Luna City in 2096)

    For Dan Halbert, the road to Tycho began in college--when Lissa Lenz asked to borrow his computer. Hers had broken down, and unless she could borrow another, she would fail her midterm project. There was no one she dared ask, except Dan.

    This put Dan in a dilemma. He had to help her--but if he lent her his computer, she might read his books. Aside from the fact that you could go to prison for many years for letting someone else read your books, the very idea shocked him at first. Like everyone, he had been taught since elementary school that sharing books was nasty and wrong--something that only pirates would do.

    And there wasn't much chance that the SPA--the Software Protection Authority--would fail to catch him. In his software class, Dan had learned that each book had a copyright monitor that reported when and where it was read, and by whom, to Central Licensing. (They used this information to catch reading pirates, but also to sell personal interest profiles to retailers.) The next time his computer was networked, Central Licensing would find out. He, as computer owner, would receive the harshest punishment--for not taking pains to prevent the crime.

    Of course, Lissa did not necessarily intend to read his books. She might want the computer only to write her midterm. But Dan knew she came from a middle-class family and could hardly afford the tuition, let alone her reading fees. Reading his books might be the only way she could graduate. He understood this situation; he himself had had to borrow to pay for all the research papers he read. (10% of those fees went to the researchers who wrote the papers; since Dan aimed for an academic career, he could hope that his own research papers, if frequently referenced, would bring in enough to repay this loan.)

    Later on, Dan would learn there was a time when anyone could go to the library and read journal articles, and even books, without having to pay. There were independent scholars who read thousands of pages without government library grants. But in the 1990s, both commercial and nonprofit journal publishers had begun charging fees for access. By 2047, libraries offering free public access to scholarly literature were a dim memory.

    There were ways, of course, to get around the SPA and Central Licensing. They were themselves illegal. Dan had had a classmate in software, Frank Martucci, who had obtained an illicit debugging tool, and used it to skip over the copyright monitor code when reading books. But he had told too many friends about it, and one of them turned him in to the SPA for a reward (students deep in debt were easily tempted into betrayal). In 2047, Frank was in prison, not for pirate reading, but for possessing a debugger.

    Dan would later learn that there was a time when anyone could have debugging tools. There were even free debugging tools available on CD or downloadable over the net. But ordinary users started using them to bypass copyright monitors, and eventually a judge ruled that this had become their principal use in actual practice. This meant they were illegal; the debuggers' developers were sent to prison.

    Programmers still needed debugging tools, of course, but debugger vendors in 2047 distributed numbered copies only, and only to officially licensed and bonded programmers. The debugger Dan used in software class was kept behind a special firewall so that it could be used only for class exercises.

    It was also possible to bypass the copyright monitors by installing a modified system kernel. Dan would eventually find out about the free kernels, even entire free operating systems, that had existed around the turn of the century. But not only were they illegal, like d

  • by xgyro (553902) on Wednesday February 11, 2004 @03:21PM (#8251696)
    Ok, so maybe the word "endorse" was a little strong... however... I think what Linus is trying to say is there IS A PLACE for some type of encryption/DRM/content protection in the Linux world. In order to build out certain business models based on Linux platform, data/content protection is needed. Or MS will only increase their grasp on the world. Some business models require content protection; Adobe provides a (somewhat) protected document security, what about other files such as business docs/personal info/media documents? How can we protect our content across Linux platforms? I'm not speaking specifically to DRM in movies/music, rather from a broader perspective. Any products out there other than the one mentioned?
    • product by ERUCES mentioned in article is not open source. enven though it looks good. who wants a propietary encryption application in Linux. i dont. why don't you help out the OGG-S project?
  • Linux support CSS on DVDs. CSS is an excellent example of why people might choose Linux DRM systems as these systems provide the consumer with their full rights.
  • We're there (Score:4, Informative)

    by Anonymous Coward on Wednesday February 11, 2004 @03:57PM (#8252135)
    "OGG-S [freshmeat.net] OGG-S is an open source development project that aims to create an open Digital Rights Management (DRM) interface for the creation, playback, and management of multimedia files."
    • That doesn't mean it is or will be forced down your throat, though.
    • You're probably expecting a lot of controversy, since the people who appreciate Ogg's openness are tend to dislike DRM. But I don't see a problem.

      DRM and encryption, it seems, is most easily implemented at the file level. So you could DRM anything. Ogg is a stream format, and I assume OGG-S is trying to DRM there so it' still useful for streaming. But again, who cares?

      Besides, even if the masses are resigned to DRM, I'd still rather the codec be Vorbis than WMA.

  • by Kiaser Zohsay (20134) on Wednesday February 11, 2004 @04:09PM (#8252264)
    does Linux have comparable DRM system to allow for distribution of protected content?

    No, Virgina, there is no such thing as protected content. That was only a bedtime story told to CEO's and recording execs to help them sleep at night.
  • by Lord Kano (13027)
    As a employee of a large content provider, what current options are out there for groups that want to deploy protected content on Linux?

    Um... convince your superiors that they shouldn't treat all of their customers like potential thieves.

    In all honesty, it will probably be a waste of money rivalling Circuit City's DIVX. [wikipedia.org] Linux users are not likely to adopt a system that employs "DRM".

    LK
  • by Tom7 (102298)
    One of the reasons to use linux is its lack of DRM. I'm sure I'm not alone in this sentiment.
  • Fundamental flaw (Score:5, Insightful)

    by Fubar420 (701126) * on Wednesday February 11, 2004 @06:05PM (#8253610)
    DRM exists, with one fundamental flaw. It is, at least in every form currently explored, fundamentally impossible.

    It relies on encryption of data, and for arguments sake, it doesn't matter how. Now the player must be able to decrypt this media some how. The choices are:

    1) Universal key (DeCSS anyone?) As soon as it's exposed somewhere it shouldn't be, its taken, and used on any media you'd like

    2) Licensing server: Will issue a license for some period of time, during which you can view in a registered player, Perhaps you can renew, perhaps you cant. Regardless though, the key used to decrypt the media for playing, has to be transmitted somehow. Lets imagine it is encrypted and somehow sent to the playing device. Regardless, said device has to be able to read that key, and if it can do that, so can somebody else. Should the device have a general pub/priv combo for talking to the server, those keys could be comprimised, or again, the real decryption key can be compromised from one of a million already demonstrated means.

    3) Hardware solution, locked up device, unaccessible from software. This could work, so long as the hardware is such that it cannot be accessed, but as we have seen time and time again, people are willing to take apart their boxes to see what makes them tick (XBox + Linux, or any modchip solution to any system).

    Regardless of what you do, even barring that "somehow" [ ;-) ] you dont just capture the output (VGA capture works well here, since they all output to monitors at some point), you have to decrypt the data. The data exists SOMEHOW.

    And as strong as encryption is, the will for people to piss off the media conglomerates is too strong. End of the day, if the data can be decrypted, then your key is whats in jeopardy. If the key is encrypted somewhere, than it's decrypting key is the target. So on, and so forth.

    You can make it difficult, but without (literally) an armed guard sitting there w/ a bucket of popcorn to "help" you watch the movie, there is a weak point.

    (and to add to that, humans become a factor, armed guards can be bribed, just like anybody else).

    Just my 20 pesos.
    • Universal key (DeCSS anyone?) As soon as it's exposed somewhere it shouldn't be, its taken, and used on any media you'd like

      It was the earliest of the DRM systems. No one is going to use something that naive today (except for the CD protection sharpie guys).

      This could work, so long as the hardware is such that it cannot be accessed, but as we have seen time and time again, people are willing to take apart their boxes to see what makes them tick

      Once XBOX moves to PS2 style single chip design, all this m

  • Want DRM? Try books! (Score:3, Informative)

    by rocketfairy (16253) <nmt2002@colu[ ]a.edu ['mbi' in gap]> on Wednesday February 11, 2004 @08:50PM (#8254989) Homepage

    As a employee of a large content provider, what current options are out there for groups that want to deploy protected content on Linux?

    Well, you could start by reading a book. DRM is not viable on closed source systems; it won't be viable on open source systems. If you plug DRM software into the kernel, I can still run it inside a virtual machine and snatch out whatever content I want (and put it on a peer-to-peer system). Better yet, I can get content from someone who doesn't try to treat me like a two-year-old.

    Want a real system for getting money for your content? Try micropayments, or subscription, but don't bother with DRM. Any engineer (who isn't trying to part a fool from his venture capital) will tell you that, in the long run, "trying to make bits uncopyable is like trying to make water not wet." (Thanks, Bruce [schneier.com])

    • Any engineer (who isn't trying to part a fool from his venture capital) will tell you that, in the long run, "trying to make bits uncopyable is like trying to make water not wet."

      DRM can work in current systems if there is contact with upstream, i.e., it will easily work on an internet connected PC. Some of the DRM systems which weren't cracked include DivX (from Circuit City) and Liquid Audio.

      • DivX wasn't cracked because it was too unpopular to bother. If it had lasted longer in the market, it would've met the same fate as CSS.
        • DivX wasn't cracked because it was too unpopular to bother. If it had lasted longer in the market, it would've met the same fate as CSS.

          I think that is highly unlikely. The machine running DivX had a phone line connection to CC. Why do you think no one has hacked ATMs? And AFAIK, there were no PC players, only hardware ones.

          • The machine running DivX had a phone line connection to CC.
            Tap your own phone line, record a few dozen sessions, and pretty soon you can have the player phoning YOUR DRM server instead of CC's. Probably not done because it didn't last long enough to piss someone off to this level of effort.

            If you build it with DRM, they will come ... and CRACK IT!

            • Tap your own phone line, record a few dozen sessions, and pretty soon you can have the player phoning YOUR DRM server instead of CC's.

              There are a lot of protocols that are not vulnerable to man in the middle attacks. SSH2 comes to mind. Believe it or not, as the DRM gets more sophisticated, it will be nearly impossible to break. Remember the earliest cable "encryption"? It was a trivial matter to twist some wires to clean that up. The next version required a dedicated set top box to decode. I don't t

              • as the DRM gets more sophisticated, it will be nearly impossible to break

                I'd be a little more careful when using the word 'impossible'. There will always exist people with the time and expertise to reverse engineer any copy protection worth breaking. Each form of 'protection' appears sophistocated when it is first used, but if the content proves popular, someone always finds a way to break it, fool it, or bypass it.

                • Each form of 'protection' appears sophistocated when it is first used, but if the content proves popular, someone always finds a way to break it, fool it, or bypass it.

                  When companies get serious about security and DRM, it will be non-trivial to break. Of the ones that were broken,

                  1. Adobe engineers considered ROT13 to be a form of encryption.
                  2. CSS used 40 bit encryption because of export restrictions.

Overdrawn? But I still have checks left!

Working...