Slashdot Mirror
Linux and DRM?
xgyro asks: "In light of the recent agreement between MS and Disney, and many calling for 2004 to be the 'Year of the Linux Desktop' does Linux have comparable DRM system to allow for distribution of protected content? Linus Torvalds has already endorsed DRM on the Linux platform. Possibly by coincidence, this company has announced a product that seems to provide for some possibilities. Will other companies follow suite? As a employee of a large content provider, what current options are out there for groups that want to deploy protected content on Linux?"
Linus didn't exactly endorse it, you know. And I think you'll find that DRM systems, by and large, are unwanted and insecure. If you can access the content, then you can strip it of its protections.
pb Reply or e-mail; don't vaguely moderate.
Quoth Linus:
That's not exactly a ringing endorsement. If it is, then Linux could be construed to have endorsed browsing Slashdot, child porn, and writing viruses.
There is no legitimate need for Digital Restrictions Management.
Your content is already protected. By copyright law.
There is no legitimate need to introduce additional restrictions that prevent me from doing what I want with materials that I have legitimately purchased.
If your Linux box will never play Microsoft DRM media, what will it play? You may offer a DRM scheme for Linux, but what content provider will adopt it, given Microsoft's monopoly on the desktop? Indeed, if DRM becomes widespread, I predict that TiVo is toast.
But I also predict that DRM will go the way of software copy protection and DIVX; Disney certainly won't sell me any DRM movies. Pay Eisner every time I view "Dumbo"? Sure -- I'll just never watch "Dumbo" again. One penny or one million dollars times zero viewings is the same royalty, Mikey. I lived without home video before (pre-1980s), and I can live without it again. Who's the dumbo in this scenario? Those who fail to learn from history (DIVX) are doomed to repeat it.
If all this should have a reason, we would be the last to know.
As a employee of a large content provider, what current options are out there for groups that want to deploy protected content on Linux?"
Sell your product at a fair price, one that's low enough that most users will find it more convenient to buy than to pirate (surely your servers can deliver bandwidth faster and more reliably than P2P, right?). Learn from Baen Books -- Baen actually gives away books hat are a few years old, and in a convenient variety of formats. Baen makes money off this when readers buy sequels in hard-copy.
Sell your product in a an open format so that your customers can read it or listen to it with the applications and on the OSes they've become comfortable with. Learn for the Real Player debacle, and note how many people have said that no video is compelling enough to get them to install RealPlayer. Don't get your ass caught in the same vise.
Recognize that DRM or nor, some piracy is inevitable. Don't let this fool you into alienating the vast majority of your honest customers in a vain attempt to prevent piracy by a tiny minority that probably would never but your product anyway. learn from the Intuit debacle; count the number of customers who will never return to Intuit.
Trust and respect your customers, and many will extend that same trust and respect to you: I've gotten nearly 8000 non-DRM'd mp3s from emusic.com, and I won't even share them with friends -- because emusic showed me it trusted me, and I don't want to abuse that trust.
copyright (c) 2004, not-the-Gartner-Group
Opinions on the Twiddler2 hand-held keyboard?
If DRM will ever live, it'll be on hardware level.
For Dan Halbert, the road to Tycho began in college--when Lissa Lenz asked to borrow his computer. Hers had broken down, and unless she could borrow another, she would fail her midterm project. There was no one she dared ask, except Dan.
This put Dan in a dilemma. He had to help her--but if he lent her his computer, she might read his books. Aside from the fact that you could go to prison for many years for letting someone else read your books, the very idea shocked him at first. Like everyone, he had been taught since elementary school that sharing books was nasty and wrong--something that only pirates would do.
And there wasn't much chance that the SPA--the Software Protection Authority--would fail to catch him. In his software class, Dan had learned that each book had a copyright monitor that reported when and where it was read, and by whom, to Central Licensing. (They used this information to catch reading pirates, but also to sell personal interest profiles to retailers.) The next time his computer was networked, Central Licensing would find out. He, as computer owner, would receive the harshest punishment--for not taking pains to prevent the crime.
Of course, Lissa did not necessarily intend to read his books. She might want the computer only to write her midterm. But Dan knew she came from a middle-class family and could hardly afford the tuition, let alone her reading fees. Reading his books might be the only way she could graduate. He understood this situation; he himself had had to borrow to pay for all the research papers he read. (10% of those fees went to the researchers who wrote the papers; since Dan aimed for an academic career, he could hope that his own research papers, if frequently referenced, would bring in enough to repay this loan.)
Later on, Dan would learn there was a time when anyone could go to the library and read journal articles, and even books, without having to pay. There were independent scholars who read thousands of pages without government library grants. But in the 1990s, both commercial and nonprofit journal publishers had begun charging fees for access. By 2047, libraries offering free public access to scholarly literature were a dim memory.
There were ways, of course, to get around the SPA and Central Licensing. They were themselves illegal. Dan had had a classmate in software, Frank Martucci, who had obtained an illicit debugging tool, and used it to skip over the copyright monitor code when reading books. But he had told too many friends about it, and one of them turned him in to the SPA for a reward (students deep in debt were easily tempted into betrayal). In 2047, Frank was in prison, not for pirate reading, but for possessing a debugger.
Dan would later learn that there was a time when anyone could have debugging tools. There were even free debugging tools available on CD or downloadable over the net. But ordinary users started using them to bypass copyright monitors, and eventually a judge ruled that this had become their principal use in actual practice. This meant they were illegal; the debuggers' developers were sent to prison.
Programmers still needed debugging tools, of course, but debugger vendors in 2047 distributed numbered copies only, and only to officially licensed and bonded programmers. The debugger Dan used in software class was kept behind a special firewall so that it could be used only for class exercises.
It was also possible to bypass the copyright monitors by installing a modified system kernel. Dan would eventually find out about the free kernels, even entire free operating systems, that had existed around the turn of the century. But not only were they illegal, like d
That, and I'm not sure they're not watermarked with a personal identifier :).
;)
I realize that you're joking, but actually I did check, with the help of an IRC acquaintance.
He and I both downloaded the same track from emusic -- at different times, just in case you're wondering, as it was a track I'd had for a while --, and then each ran md5sum on our copies. The md5sums matched. and for the truly tin-foil hatted, I had him give me the start of his md5sum first.
We weren't looking to pirate the tracks, we were just curious, given that emusic in its early incarnation as mp3.com had once boasted of its water-marking technology.
Opinions on the Twiddler2 hand-held keyboard?
"OGG-S OGG-S is an open source development project that aims to create an open Digital Rights Management (DRM) interface for the creation, playback, and management of multimedia files."
does Linux have comparable DRM system to allow for distribution of protected content?
No, Virgina, there is no such thing as protected content. That was only a bedtime story told to CEO's and recording execs to help them sleep at night.
I am not your blowing wind, I am the lightning.
DRM exists, with one fundamental flaw. It is, at least in every form currently explored, fundamentally impossible.
;-) ] you dont just capture the output (VGA capture works well here, since they all output to monitors at some point), you have to decrypt the data. The data exists SOMEHOW.
It relies on encryption of data, and for arguments sake, it doesn't matter how. Now the player must be able to decrypt this media some how. The choices are:
1) Universal key (DeCSS anyone?) As soon as it's exposed somewhere it shouldn't be, its taken, and used on any media you'd like
2) Licensing server: Will issue a license for some period of time, during which you can view in a registered player, Perhaps you can renew, perhaps you cant. Regardless though, the key used to decrypt the media for playing, has to be transmitted somehow. Lets imagine it is encrypted and somehow sent to the playing device. Regardless, said device has to be able to read that key, and if it can do that, so can somebody else. Should the device have a general pub/priv combo for talking to the server, those keys could be comprimised, or again, the real decryption key can be compromised from one of a million already demonstrated means.
3) Hardware solution, locked up device, unaccessible from software. This could work, so long as the hardware is such that it cannot be accessed, but as we have seen time and time again, people are willing to take apart their boxes to see what makes them tick (XBox + Linux, or any modchip solution to any system).
Regardless of what you do, even barring that "somehow" [
And as strong as encryption is, the will for people to piss off the media conglomerates is too strong. End of the day, if the data can be decrypted, then your key is whats in jeopardy. If the key is encrypted somewhere, than it's decrypting key is the target. So on, and so forth.
You can make it difficult, but without (literally) an armed guard sitting there w/ a bucket of popcorn to "help" you watch the movie, there is a weak point.
(and to add to that, humans become a factor, armed guards can be bribed, just like anybody else).
Just my 20 pesos.
-- (appended to the end of comments you post, 120 chars)