Slashdot Mirror
BBC on DRM and Trusted Computing
distantbody writes "This BBC article by Bill Thompson is balanced and concise on the issues of DRM and 'Trusted Computing,' and offers some insights as to why such systems are the wrong path to follow for consumers and businesses alike. From the the article: 'We need to ensure that trusted computing remains under the control of the users and is not used to take away the freedoms we enjoy today ... the flexibility of copyright law is something that should be embraced and not taken away.'"
Digital rights management is about controlling the data on your machine and deciding who has the rights to run it.
That data can be images, movies, mp3s or executable code...
liqbase
Absolutely... as a matter of fact I think it's more than most, it's close to ALL. Human nature is to take the path of least resistance, and while some take to the challenge of stealing... most don't. So, while some in the past would make illegal copies and share "illegally" (downloading, etc.), the record companies' response by tightening the screws eventually I think will have an unintended effect. At some point the extra onus on the customer to "unlock", and jump through all of the drm hoops just to use something they already paid for and thought they were just going to sit down and enjoy will push them to their path of least resistance... e.g., not bother with buying cd's anymore, not bother with dvd's anymore, not bother with iTunes anymore...
Instead they'll just use the radio, go to the movie theater, whatever. What a wasted amount of time and effort to "trust" we the consumers.
I know they have their faults, but when they need to come through, they really come through, especially on matters of public interest.
I for one welcome our new BBC Overlords, in hopes that they will be a big ally in our struggle to further media distribution on the net.
Buy Steampunk Clothing Online!
If anything Europeans need to fight harder against this stuff because often those arguing against it are arrogant Americans whose argument is often "we do it in the US, therefore you must too". The irony often is that they have a harder time pushing it in the US than elsewhere.
I had a recent experience of this type of thing in teh debate over software patents in the EU.
The sad thing about Trusted Computing is that copyright enforcement is probably the one security problem it does not provide significant leverage for.
At the most basic level there are two security problems:
1. Bugs that can be taken advantage of. Trusted Computing isn't going to be bug free any more than anything else is.
2. People. People who have rights to install software that can send emails or blank their hardrives or whatever. People who like getting 'I love you' emails. People who fall for persuasive conmen. Trusted Computing has nothing to do with this.
How does it provide 'significant leverage' against security problems?
Lets not use the language of the opposition.
By using the words "trusted computing" they are trying to vehicle a certain sub-text, just like when certain people use "tax relief" instead of "tax cuts" or "death tax" instead of "tax on estates of over 1 million dollars".
George Lakoff would have a lot to say about this...
Treehugger? Treehugger... Treehugger!
Since we don't have trusted computing implemented yet, it is hard to say definitively. Given current chips, it is possible for the answer to be yes, and also possible for the answer to be no. Therefore in answering your question I am second-guessing how microsoft will set the defaults rather than what the chip can do.
My guess as to the most likely scenario is that you will be able to boot knoppix. I just cannot imagine the amount of pressure the linux community brings to bear if this happens. The TC chip will however PROBABLY not permit knoppix to unlock the hard drive. So at this point you're kinda stuck. It is likely you'll get low-level access to the disk, but dumping encrypted data isn't of much use.
It is possible the TC chip will trust knoppix once the user enters their password, in which case your recovery would go just fine. It is also possible there is a back door and if you send the encrypted partition to the NSA they will unlock it for you, though I doubt they'll offer the service even if it is possible.
If the device includes a private key known by the manufacturer and not known by the customer, the device is trustable by the manufacturer and not anymore by the customer.
There are no user-friendly feature which requires such a key, and there are no way to take your right away without such a key.
--
Go Debian!
Unfortunately--at least on /., anyway--the loud opinions of those "freeloaders" usually makes rational discussion of copyrights, intellectual property, and DRM meaningless. You can't get past the "RIAA IS EVIL AND I AM A FREEDOM FIGHTER" mindset. I think we'll start seeing some real progress and some valid compromises made by both sides if we can get past the reactionary attitudes that really only exist to shift blame away from downloaders and onto some faceless corporate entity, because demonization is easier than acknowledgement of one's own guilt.
The truth is that the portrayal of both sides is usually wrong. Most companies aren't big, evil, cigar-smoking Republicans sitting in dark rooms plotting economic takeovers to maintain their monopolies. They're just companies trying to protect their media content because of the explosion of piracy. And pirates aren't freedom fighters riding the wave of a big cultural movement. Most are just freeloaders looking to get stuff without having to pay for it (it's basic human nature).
So far, iTunes has been a big success, so apparently a lot of consumers have no problem with DRM and online legal music-downloading. So to be quite honest, I don't know why people still complain about an "obsolete business model" when record labels have already embraced services like Napster and iTunes. Legal online music is already here, which makes the argument for piracy appear even more self-serving.
i didn't know it was the duty of software writers to enforce the law.
let's look at cars. speeding is prohibited. should cardesigners make it impossible to speed?
you're not allowed to kill. should bullet makers make bullets that don't kill?
then why....
Privacy is terrorism.
Most of the major content producers I have talked to about DRM services want to get their content out there to customers for reasonable prices and fair levels of control, the problem is that these major studios are for the most part middlemen.
The reason they require DRM for their online services is the spaghetti of contracts the entertainment industry has built up for themselves of the past several decades. For example if one studio released an album online unprotected, and the artists who created the content can demonstrate that piracy caused a loss in revinue, the content provider can be held legally liable for that loss.
As long as these studios took reasonable steps to prevent this piracy from occuring, their collective asses are covered, even if the DRM scheme used is cracked down the road.
In short: DRM protection laws violate the constitution by both granting legislative/regulatory authority to non-congressional entities, and by denying due process of law to individuals being screwed out of perfectly legal fair use by DRM.
If you want to talk left wing.. let's talk about how DRM turns the US into a communist nation. It undermines personal property rights by placing individual's purchased property in control of centralized ownership, and puts the economy under the command of that same centralized ownership by allowing affirmative regulation of other economic sectors by content cartels.
1. Copyright establishes monopolies which are counter to capitalist tenets of fair competition. With proper scope though it is beneficial. With the current scope, however, it harms society so a wealthy few can become wealthier.
"Allowing anybody to restrict illegal copying of their materials is evil! Never mind that the GPL also limits your usage, yet it's okay, while DRM is just plain evil because it doesn't mean you get to rip people off and not pay them."
2. DRM is not evil because it prevents illegal filesharing, it is evil because, with drm protection laws preventing free market balance of end user rights, it prevents an infinity of perfectly legal fair uses without the required judicial review, and allows copyright holders to write their own copyright law, giving a private entity legislative power against the constitution.
3. I hear this "property rights" argument from copyright extremists like you all the time, but there is an overlap here between copyright law and personal property rights of individuals.
Copyright law was set up so that individual uses could only be taken away from the consumer if the rightsholder found economic incentive to do so.
Anticircumvention law protecting DRM allows copyright holders to rob the public of uses which have no economic impact on them, and without proper judicial review of copyright law to determine if they even have the right to do so.
Many people will not upgrade, and many will by also ilegal hardware from countries that permmit non TC compilant ones (remember, people from US, there are other countries on the world).
I really don't believe that TC will spread. On the US (that is already rulled), DRM will spread, and people will start finding ways to break it. But even there, if TC legislation became true, we will start to see so much garbage sold as software that nobody (read, bug companies, with power) will complaint for too long. I not only speaking about bad OS, I'm talking about bad office applications (that hurt business) and bad experiencie on the web (much worse than we have now) to cite two. That is because the TC computers will probably allow you to run just one office application and browser, specified by the BIOS maker (and with very bad support for upgrades).
Rethinking email
Have you ever checked the prices they charge? Comparing prices for online music with the price of store bought CDs one gets the impression that the manufacture and distribution of CDs has a negative cost.
I would gladly pay for online music if the price was in the same order of magnitude as the cost the distributors have. But when they charge something like $1/song, and I must pay for all the downloading cost, something seems basically unfair.
The "business model" is still obsolete, it's done in the same way John D. Rockefeller used to do business. It's a cartel (or a "trust", as it was called in the late 19th century) that fixes prices and imposes artificial barriers to competition. Things like the broadcast bit and closed binary formats have the same use as the different train gauges the "robber barons" of the 19th century used to push independent railroads out of business.
No, the media cartel uses unethical business methods, and should be broken up. No new legislation is needed, any honest government could get rid of the ??AA using the same laws that were used to break up Standard Oil and AT&T. Meanwhile, what you call "piracy" I call "freedom fighting". Happy Boston Tea Party!
Trusted Computing is more insidious than you realize. The problem is that it will spread because it does *not* have the problems you think it has.
A Trusted computer can do anything a normal computer can do. A Trusted computer is a normal computer *plus* an extra handcuff mode. Outside handcuff mode it is a normal computer that can do anything you can do now. It's like a computer with speakers, when you turn the speakers off it's just as good as a normal speakerless computer.
It is such a threat becuase there is never any reason *not* to have a Trusted computer.
Not upgrading your computer will not help you. There is no need to outlaw normal computers because normal coupters aren't a threat to them, because normal computers will be increasingly useless. Trusted Computing it about new software that cannot be installed except in handcuff mode. New software that that can only be run in hancdcuff mode. It is about new media files and e-mail and WEBSITES that can only be seen in handcuff mode. And in a few years you may only be able to get an internet connection while in handcuff mode.
Yes all of the new stuff is crippled crap when you're in handcuff mode, but none of the new stuff will work at all outside handcuff mode, will not work on a normal computer. You're prefectly free to keep your old computer, you're perfectly free to manufacture and buy normal computers, but you'll get nothing but error messages from half the websites on the internet. You won't be able to read the e-mail your mother or your boss sent you. And your mother and your boss are going to blame you for not being able to read their mail, blame you for having a compatible computer, blame you for having an old obsolete computer.
The strategy is so insideous because there is no reason *not* to have a Trusted computer, and about making people increasingly suffer if they do not "upgrade" to a Trusted system.
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
As long as they are the owners and have the password, the data could have been retrieved
No, any password is useless if the operating system changes in any way unless the original unmodified software was explicitly written to pass along its key. The default state is that it will not be possible at all, and the realistic assumption is that the software will explicitly enable it to happen only to a certified patch of the original operating system.
So the answer is NO, the data cannot realisticly be retrieved. Not unless you're pretty much running software you wrote yourself to specifically do that
as long as the user has the last word on using it or not.
Yeah yeah, it does nothing unless you "voluntarily" opt-in to using it. However it is not particularly voluntary once most new software cannot run if you don't, and when you are locked out of half the websites on the internet if you don't use it, and when you cannot read e-mail from your mother and your boss if you don't use it, and it sure as hell won't be voluntary if in about 5 or 7 years you are denied any internet access at all unless you submit to using it.
Trusted Computing is necessary, and is good
I have a question for you. Do you have some expectation that I not unscrew my computer case and rip open my trust chip and use a microscope to read out my master key that unlocks everything on my computer? If you expect that I not do that, then what is that expectation based on? Do you think you have some right to pull out a gun and forcibly imprison me for looking at my own property under a microscope?
And if I can whip out a microscope and read out my own key, then I'm damn well going to go into business doing so for everyone else so that they can have their master keys as well.
Trusted Coumputing would be a great thing if people simply knew their master keys. It would be identical hardware with identical capabilites and you're get all of the claimed security benefits against viruses and hackers and everything else. The only difference is that wehn the owner knows his master key then he cac choose wo use it when he likes, can avoid lock in and he can avoid lock out. All you really "lose" is DRM. And when someone is NOT COMMITING COPYRIGHT INFRINGMENT then there is absolutely nothing wrong with using YOUR OWN KEY to unlock YOUR OWN FILES on YOUR OWN COMPUER.
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.