Slashdot Mirror
DRM and Threat Analysis
miladus writes "A timely and concise intervention by Ed Felten
on the topic of DRM and the models used (or not used) to represent the
threats to defeat. In brief, 2 models, one based on the potential of
large scale redistribution of copyrighted files implying defeat of DRM
if one user succeeds in bringing file inquestion to P2P network; the
other, refers to the majority of users who would casually copy files.
The implications of the schematization are most interesting because
they explain some the logic behind the often confused and confusing
rhetoric of DRM advocates and the necessity for rational grounding for
technologies."
It would be far better to approach this problem on a social rather than a technical security basis.
I would perhaps like to see a model where you license a song for life. Something along the lines of paying $1.50 for a song and you get a digital certificate that licences you to own the song, no matter where you got it from.
That would mean that I could get the song quickly from my buddy down the road, and while that is downloading via the loacal bandwidth I could log on to BMI, Sony or whoever (The RIAA homepage!?!?), and pay my royalties.
No wait, I could just log on to the artist's homepage and pay the $.50 directly to him/her/them!!!
There's another threat model, it's the immortal music. The RIAA is very upset that CD's last so much longer than LPs. They've tried to block the resale of used CDs. With DRM, they can go back to the old mortal music model. P2P is just the scape goat. Funny how much the casual model sounds like fair use.
Until the time arrives when DRM will be built" into every speaker you buy and the construction of paper sheets with attached magnets and coils falls under the DMCA or EU-DMCA or whatever.
Sounds silly?
Intel is on the way to integrate DRM into monitors so that you can't intercept the signal and record it (e.g. a movie). It's called HDCP -
High-bandwidth Digital Content Protection.
Look here:
http://www.digital-cp.com/
Sad but true. It only works in a monopoly. This is great news for Tax Cut. Check out who does better next year. Remember when Ashton Tate did the anti-copy stuff on Framework? Remember when Rainbow Dongles were all the rage? It's the quickest way to get bypassed in the marketplace. How is selling encumbered products at higher prices in a competive marketplace good business sence.
It may work in a monopoly like cable, but not where there are alternatives. I've dropped all subscription TV. I have alternatives on the internet. It's a great promotion Microsoft is giving the Open Source movement with the software subscription model. They couldn't have done a better thing to promote free software. They are driving developers to the new wide open market to promote their wares on Linux. The customers are there looking for the applications.
The music industry is doing great things for Inde Bands who otherwise would never get attention, but get lost in the sea of CD's.
I love a free market where the consumer is always right! Great inovations happen!
The truth shall set you free!
Ed Felten has a valid point about the need to choose a threat model, and to stick to that choice.
However, he has not convinced me that the two threat models that he describes are the only ones, or indeed separate threat models at all.
I would view p2p networks as a means to achieving "widespread, but small-scale and unorganized, copying," and not as a separate threat model at all.
I'm also not clear about whom he's addressing: Most DRM advocates are aware of the fact that today's systems will not stop a determined adversary, and only mildly deter a casual user.
Ubi dubium ibi libertas: Where there is doubt, there is freedom.