Slashdot Mirror


Linux and DRM?

xgyro asks: "In light of the recent agreement between MS and Disney, and many calling for 2004 to be the 'Year of the Linux Desktop' does Linux have comparable DRM system to allow for distribution of protected content? Linus Torvalds has already endorsed DRM on the Linux platform. Possibly by coincidence, this company has announced a product that seems to provide for some possibilities. Will other companies follow suite? As a employee of a large content provider, what current options are out there for groups that want to deploy protected content on Linux?"

1 of 88 comments (clear)

  1. Fundamental flaw by Fubar420 · · Score: 5, Insightful

    DRM exists, with one fundamental flaw. It is, at least in every form currently explored, fundamentally impossible.

    It relies on encryption of data, and for arguments sake, it doesn't matter how. Now the player must be able to decrypt this media some how. The choices are:

    1) Universal key (DeCSS anyone?) As soon as it's exposed somewhere it shouldn't be, its taken, and used on any media you'd like

    2) Licensing server: Will issue a license for some period of time, during which you can view in a registered player, Perhaps you can renew, perhaps you cant. Regardless though, the key used to decrypt the media for playing, has to be transmitted somehow. Lets imagine it is encrypted and somehow sent to the playing device. Regardless, said device has to be able to read that key, and if it can do that, so can somebody else. Should the device have a general pub/priv combo for talking to the server, those keys could be comprimised, or again, the real decryption key can be compromised from one of a million already demonstrated means.

    3) Hardware solution, locked up device, unaccessible from software. This could work, so long as the hardware is such that it cannot be accessed, but as we have seen time and time again, people are willing to take apart their boxes to see what makes them tick (XBox + Linux, or any modchip solution to any system).

    Regardless of what you do, even barring that "somehow" [ ;-) ] you dont just capture the output (VGA capture works well here, since they all output to monitors at some point), you have to decrypt the data. The data exists SOMEHOW.

    And as strong as encryption is, the will for people to piss off the media conglomerates is too strong. End of the day, if the data can be decrypted, then your key is whats in jeopardy. If the key is encrypted somewhere, than it's decrypting key is the target. So on, and so forth.

    You can make it difficult, but without (literally) an armed guard sitting there w/ a bucket of popcorn to "help" you watch the movie, there is a weak point.

    (and to add to that, humans become a factor, armed guards can be bribed, just like anybody else).

    Just my 20 pesos.

    --
    -- (appended to the end of comments you post, 120 chars)