Open Source DRM

Clyde writes "The different worlds of DRM and Open Source have come together under OGG-S, a project that just recently went to beta with their Open Source DRM toolkit. The project license in GPL and uses OpenSSL for its encryption engine. It will be interesting to see if this project helps to spread the acceptance of Ogg Vorbis."

Re:another thinly veiled attempt to make money

[sidespace]

I am sorry if our page is not that clear, but all OGG-S work is released under the GPL. If YOU would like to release a binary-only version of OGG-S (that contains zero Xiph code and 100% SideSpace code) then all we ask is you pay us a one-time charge of $50.

I hope that is not unreasonable, and you understand this cost only subsidizes our development tools and web hosting.

Plus, we will give 10% of your purchase to the EFF to help protect everyone's digital rights online.

Re:Independent and Unsanctioned?

[Emmettfish]

Is it safe to say that these people are in no way associated with the Ogg/Vorbis people? I can't see how this is a good thing. The whole point of Ogg formats is that they're open and free. Do we really want a version of Ogg/Vorbis that is saddled by use restrictions?

I assure you that SideSpace is in no way, shape or form affiliated with the Xiph.Org Foundation, who make Ogg Vorbis and other royalty-free multimedia codecs.

Emmett Plant
CEO, Xiph.Org Foundation

Re:Open Source, but not free source.

[uhoreg]

Of course, they screwed up the wording of that sentence. They are releasing the code under two licenses. One is the GPL, and you don't have to pay them for that license. The other license is a commercial license, which allows you to release a binary, with modifications, without the requirement of having to provide the source, and costs 50USD. So they should add something like "without having to provide the source" to the end of that sentence.

Source won't help decrypt the files

[Beetjebrak]

A look at the source doesn't mean that you can simply defeat the encryption. Just like you can't r00t someone's ssh server by looking at the source of their version of OpenSSH.

Of course you could trojanize the source and try to get a limp version of the binaries to proliferate, but the chances of that working are very close to zero. If I were a publisher I'd test whether the encoding and DRM encryption worked before I were to sell my media to the world.

Re:Source won't help decrypt the files

[Elwood+P+Dowd]

DRM is supposed to protect you from a malicious person that already has the proper keys. Until the decryption is handled by "trusted" hardware (TCPA), yes, having access to the source & the key would let you defeat the DRM.

Re:another thinly veiled attempt to make money

[sidespace]

Emmett,
I agree that 10% of our proceeds should go to Xiph.org; tonight I will update the web page so that 10% of a purchase will go to Xiph.org as well as the EFF. The reason this change was not done sooner was because at the time OGG-S started, Xiph was not a non-profit organization (charging for the fixed point decoder).
Also, if you believe the name of OGG-S could cause any consumer confusion please feel free to email me at rsage@sidespace.com and I will work on changing our site accordingly. Since OGG-S has been mentioned on the Vorbis mailing lists in the past, I had assumed this name would not cause any confusion.

Sincerely,

Ryan @ SideSpace

It's the victim's fault, you see

[chrisis]

No, YOU'VE entirely missed the point of DRM. The trouble with your analogy is that you've decided that there are certain kinds of theft that are acceptable. Theft is theft. It doesn't matter whether I've left my door unlocked, or locked, or forgotten my walkman at the fast food joint -- or set my stereo up on the sidewalk. Somebody helps themselves to my property, it's theft, pure and simple. I shudder to think that there might be judges who will rule on the basis of your twisted perception of relative morality instead of on the basis of the law.

If DRM was what you say it is, then why are the media giants going after the file-swappers? If you're right, they don't have a leg to stand on! Their music is "out in the open". Nonsense -- they're going after the file swappers because the file swappers are in breach of copyright. There is already a basis in law that allows for prosecution of ppl who illegally copy. DRM is NOT about legal protection. DRM is about CONTENT CONTROL.

DRM:today you have access to the kernel. Tomorrow?

[chrisis]

DRM isn't bad? Do you have any idea what DRM /means/? DRM requires content to be authorised by central "trusted" authorisation servers. That means that access to /your/ content is controlled by whoever controls the authentication servers. That means that you have to ask permission to view your own data!

How can that possibly be good? How can you give a mandate to something like that?

Pretending that it is an "arms race", and making sure everyone's got it would mean that DRM would become ubiquitous -- and that any data anyone produces will be placed under the dominion of the despotic maniacs behind "Trusted Computing".

Open Source should NEVER get into bed with DRM. It's laughable to think that anyone could DREAM that DRM would permit Open Source [software or content's] continued existence. Can you imagine giving someone sponsored by Bill the control over your access to the linux kernel? Allowing DRM to become ubiquitous, even tacitly supporting DRM would make that situation a reality.