Cory Doctorow on Digital Rights Management
VerdeRana writes "I just heard the EFF's Cory Doctorow give this fantastic argument critiquing DRM. He makes a great case for why DRM is bad for society, business, and artists, why it simply don't work, and why Microsoft (the audience for this talk) should not invest in it. Broadcast this far and wide, and maybe someone will listen."
Exactly, DRM is not a catchall, this was my point...
:
People think that DRM is catchall, they do not realise that there are many smilar schemes going on.
DVD Region locking is stupid, this is just making international trade laws redundant as if you didn't want a DVD to be sold in a country, you could just have its import banned. I cannot believe I had to buy Ed Wood's movie box in the USA because these are NOT available in Switzerland at all despite the movie's been around for.... decades. So, DVD Region Locking is supposed to prevent movie sales to occur while these are stilly played in movie theaters.
Now, if this were true, then most "old" movies would have been released as Region-0.
And no, DRM is not moral.
Short example
I am remixer.
I want to rip an Audio CD in order to practise my skills.
I can't.
I want to make record to submit to my producer.
I can't.
Even though I'd have negociated the rights before entering commercialisation...
So, even if it is moral (for a Klingon's point of view) it is totally stupid because you cannot build equity if you base it upon suspicion.
Trolling using another account since 2005.
Trolling using another account since 2005.
His article is impeccably, thorough, and articulate. The research and timeline used to explain his points were... well... I can't even fucking come close to writing like that which is obvious at the moment. Like the story submitter said, it was fantastic. He clearly points out the problem with great detail. However, he doesn't propose a solution.
When the World Wide Web was introduced, it seemed like a godsend; now books would be published electronically, libraries could be digitised, and anyone anywhere in the world would be able to search through them and read anything. Yet that isn't how things have panned out, even after years of its existence. The Internet has become an indispensable research tool, but it turned out to be something very different from a library. Information comes in bits and pieces, squeezed within a clutter of navigational panes and advertisements. Web pages have the flashy, disorienting visual effect of grocery shelves. It never turned out to be the coherent electronic medium for publishing that it was meant to.
The way corporations are implementing DRM does not address this issue by design. DRM is meant to secure profit for corporations, while constraining the potential of technology to fit in an antiquated business model. Yes, authors, musicians, film-makers, and everyone involved in creating forms of media must make a living. Yet the internet must also be allowed to reach its full potential in allowing people to access their works. There must be a way of allowing both to happen.
In fact, Hollywood was founded on gross "piracy" and infringement of "intellectual property" of New York film studios and foreign content creators.
The point of Doctorow's talk was that yes of course copying the bits is cheap and so people will do so. BUT in the past, faced with changing technology, the artists, authors, musicians, etc. have always found a way to adapt to the new environment and prosper even more than before. Today's artists are faced with the same challenge, and must not stick their heads in the sand and try to DRM away all the changes to the world and return to yesterday's status quo. We (society) may need to poke and prod them along a bit to get them to go down the right path.
Here is how I see this playing out, take musicians: lets imagine a world where musicians realize that they don't need publishers anymore (at least, not old guard publishers); instead, they put their own copies of their studio recorded music out on the filesharing networks free for anyone to download. They make their living by doing a combination of other things a) live concerts INCLUDING streaming broadcasts on the internet b) limited runs of collector's editions a.k.a. box sets, artistic packages, etc. c) any number of new ways to do things that I can't imagine because they haven't been invented/popularized yet.
Regarding A: yes anyone can rip the stream and make it available for download. But what you're attempting to do is to get society back into a mode where it appreciates live musical performances and values them accordingly. In other words, going back to the pre-piano player days. But this time you aren't limited to only being able to play in front of a roomful of people at a time. The challenge will be keeping the performances interesting and entertaining. Today's artists (Britney) aren't simply going to be able to take a road-show from city to city doing the exact same choreographed dance moves and expect people to tune in to broadcast after broadcast. Fortunately there are musicians out there that actually play music and know how to improvise. Hey I know its a crazy idea but there once was a time when people actually enjoyed music like jazz that by its very nature is changing.
Regarding B: there is a market right now for art books. Books that tell a story but do so with a collage of words, pictures, and tactile experiences. These are generally expensive to produce, especially the ones with hand-made art. So the print run is limited. But that's a good thing. You can sell them for $100 or $200 to a limited audience of really enthusiastic fans. How about a box set of a new CD release from your favorite band that has hand copied liner notes, or maybe hand copies of the original sheets that the song was written on (scribbles and all), would you buy it? Maybe not, but I'm guessing there are fans that would.
Regarding C: I don't have a magic crystal ball but I'm still confident that artists and musicians will come up with new and interesting ways to display their art to society and hopefully these new models will not be so dependent on owning a stranglehold on disseminating the actual bits. Just as player pianos begat pre-recorded publishing in the first place, the internet will beget new ways of disseminating art that we may not have thought of yet at this early stage of the game. The fellow (or gal) that comes up with this new scheme stands to make a pretty penny selling it to the artists.
The entire premise of today's movie and music business is that you can make a fortune by controlling a stranglehold on dissemination. Well, that stranglehold has been loosened, time to find some other way. The stranglehold on distribution itself is a relatively modern happenstance, so this idea that its an artist's god given right to be paid handsomely for each note of his or her creation every time it gets played is a strange one, historically speaking. This evolution will require some effort on the part of the artists, but also some changes in society. Re-acquiring appreciation for live performances and musical improvisation and substance over style. Am I optimistic? Maybe overly so, time will tell.
Microsoft wants a single encryption key as the secret.
I'm not sure what you mean. At a minimum each application in NGSCB gets a different key. It uses a million different signing keys and encryption keys all over the place. You'll routinely have a file encrypted by a key, and that key encrypted by an other key, and that key encrypted by a chain of other keys encrypting each other. The same goes for signatures on signatures on signatures on signatures, a whole chain of signing keys.
Each trust chip does have two master keys (different on every computer) - a PrivEK which is only used to decrypt or sign (never to encrypt), and a root storage key, but that key is only used to encrypt other keys.
It wants that key protected inside the CPU.
Well, they would eventually like to see the Trust chip (and it's two master keys) merged into the CPU. But for the time being they are satisfied with those keys locked inside the Trust chip.
It wants OEM's to pre-register the computer with Microsoft and the key exchange will be done at that time to avoid man in the middle attacks.
False. Trusted Computing does not function like that.
The SRK is randomly generated when you get the computer home. No one, not even Microsoft can get at that key. YOU are especially forbidden to know your SRK.
The other key, PrivEK, is generated or placed in the chip at manufacturing. No one can get at that key either, not Microsoft, and especially not you.
The foundation of Trusted Computing is that you are forbidden to know your own keys. If you knew your keys then you could unlock anything on your computer. If you could do that, then THEY (meaning Microsoft, the RIAA, the MPAA, websites, whoever) then THEY cannot Trust your computer to do what THEY want it to do. THEY cannot trust your computer to enforce DRM against you. You could simply unlock everything and do what you want.
They can't trust you, so they want to Trust your computer to control what you can and cannot do.
That's why you are forbidden to know your own keys. Anyway, back to the keys...
The PrivEK has a public half - the PubEK. They are a matched set, and they only work with each other. PubEK is not secret. You *are* allowed to know the PubEK. The PubEK key is signed by the manufacturer's key to prove it is a genuine chip key. The manufacturers key is only used to sign chip keys. The manufacturer's key is signed by the TrustedComputingGroups Master key to prove it is a genuine manufacturer's key. The TCG's Master key is only used to sign manufacturer's keys.
So what happens is that you send your public PubEK off to Microsoft, or to a Certificate Authority, or whoever. You also send alond the manufacturer's signature, proving it is a real PubEK. You also send along the TCG's signature for the manufacturer's key, proving it is a real manufacturer signature.
So someone gets all that and they know you sent a reak PubEK, and they know that PubEK matches up with a real PrivEK, and that real PrivEK's are only allowed to exist locked inside a chip, and that YOU are forbidden to know that key.
Your PC will have an encrypted channel, done via private key encryption between your CPU and Microsoft.
Sort of. Actually anyone that you give your PubEK to, as described above, can then get an encrypted channel to that chip. I will skip the details because it's even more confusing that what I explained above, lol.
Anyway, that other person now knows that they are talking to your chip, and that YOU cannot understand, control, or alter that conversation. At this point your chip pretty much has total control of everything, and therefor whoever is talking to your chip sort of has ownership of your computer. It's real messy here. Technically that other person has no more control over your computer than you "voluntarily" granted them. On the other hand if you didn't grant them any and all control they demanded then nothing would be working at a
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.