The Choice Between DRM and Security

gormanly writes "Victor Yodaiken has an article up on Groklaw in which he discusses how DRM may decrease security and reliability. He raises several questions that the developers of DRM technologies ought to answer - because not all computers are merely personal entertainment systems for 'content' consumers." From the article: "Sony BMG put DRM software onto CDs that broke the basic system security and made the entire system slower and less reliable. Imagine that your children put such a CD on your computer and opened an avenue for hackers to make copies of your business memos and personal email ... We are entering the era of ubiquitous and safety critical computing, but the developers of DRM technologies seem to believe that computers are nothing more than personal entertainment systems for consumers. This belief is convenient, because creating DRM mechanisms that respect security, safety, and reliability concerns is going to be an expensive and complex engineering task."

Misquote

[Mantus]

If your qouting what I think you're quoting it's much worse.
Most people don't even know what a ROOTKIT is, so why should they care about it?"

-- Thomas Hesse, president of Sony BMG's global digital business division

Re:The Rights of Artists Vs the Rights of Listener

[bsane]

You imply that as you replace your computers the available 'authorizations' are reduced, but you can 'deauthorize' a computer at any time. So old replaced computers aren't counted against you.

This is only a problem if you want to have access on more than 5 computers simultaneously. It could happen, but a lot less likely- I have 6 computers that get regular use, but only 3 that I listen to music with.

Oh- I'm not for DRM, just saying that the iTunes implementation isn't that restrictive (and its easily broken anyway).

Felten on CD copy protection and spyware

[MrAtoz]

Ed Felten's blog had an excellent analysis of why CD copy protection will inevitably lead to spyware. The crux of the matter, as Felten sees it:

So if you're designing a CD DRM system based on active protection, you face two main technical problems:

1. You have to get your software installed, even though the user doesn't want it.
2. Once your software is installed, you have to keep it from being uninstalled, even though the user wants it gone.

These are the same two technical problems that spyware designers face.

He's had a lot to say about the Sony rootkit, all of it interesting.

What makes you think you get a choice

[overshoot]

But it will probably be a dedicated DRM applicance, 'cuz there's no way to secure a PC computer. None when the user has root and access to hardware.

Unless you have a pretty impressive lab in your garage, capable of stripping an IC layer by layer and e-beaming the results to detect stored charges, you don't have access to the hardware. Next!

They'll have to discount it heavily, or have some pretty compelling content (which is nowhere to be seen) before I buy.

Hate to break the news, but it's in all of the next generation of CPUs. Either get used to the idea of a "rootkit in hardware" or quit retiring those old boxes to the guest room, because from now on the old kit is the only kit you can trust.

Re:The Rights of Artists Vs the Rights of Listener

[dorkygeek]

Simply deauthorise all your computers at once from one of the other 4 accounts:

If you have authorized five computers, a button labeled "Deauthorize All" will appear in your Account Information screen. This button will deauthorize all computers associated with your account. You can then reauthorize up to 5 computers. Note: You can only use this feature once a year.

Of course, if you suddenly lose access to all your accounts, contact Apple.