Slashdot Mirror
The DRM Scorecard
An anonymous reader writes "InfoWeek blogger Alex Wolfe put together a scorecard which makes the obvious but interesting point that, when you list every major DRM technology implemented to "protect" music and video, they've all been cracked. This includes Apple's FairPlay, Microsoft's Windows Media DRM, the old-style Content Scrambling System (CSS) used on early DVDs and the new AACS for high-definition DVDs. And of course there was the Sony Rootkit disaster of 2005. Can anyone think of a DRM technology which hasn't been cracked, and of course this begs the obvious question: Why doesn't the industry just give up and go DRM-free?"
Just because the ability exists to crack it, doesn't mean that the average Joe on the street can do so.
It discourages casual copying, nothing more, but I can't imagine it was intended to do any more. Nobody's that stupid.
"It is possible to commit no errors and still lose. That is not a weakness. That is life." -Peak Performance
Frivolous lawsuits. Until the RIAA finally realizes that its lawsuit tactic isn't working it's the only attempt at DRM that hasn't been made completely useless yet. Unfortunately I don't see that happening unless/until they lose bigtime in multiple court cases.
The same effect has been observed in software for years, Windows XP had an activation thing built in, anyone who knew what they were doing would bypass it, anyone who didn't (and didn't know anyone who did) would eventually go and buy superfluous copies of software they already owned.
Okay, let's try Alex Wolfe's argument in a different context:
"When you list every major law implemented to "protect" life and property, they've all been broken. Can anyone think of a law which hasn't been broken, and of course this begs the obvious question: Why doesn't society just give up and go law-free?"
DRM doesn't have to be perfect to do its job, anymore than law enforcement has to be "perfect". It just has to be effective enough to keep Joe Average from copying the file. Whether or not DRM is actually "good" or "bad" for media producers is a completely different argument, but Wolfe's sophomoric reasoning does nothing to address it.
DRM is just "an electronic lock".
There's a well known saying "Locks secure you against honest people" (or words to that effect).
The hard-core/organized/professional criminals have the skills, technology and motivation to bypass these "security measures".
Remember people, locks aren't about making you secure, they're about making you FEEL secure.
s/locks/airport security screening procedures/
s/locks/the department of homeland security/ (well, that and political empire-building and creating a police-state by stealth)
Smokey The Bear Says: Only YOU can prevent the violation of your civil rights "in the interest of National Security".
Visit CryptoGnome in his home.
A mechanism that is difficult to crack (whether that is a physical lock or DRM or password) makes it harder for the cracker and reduces the likelihood of someone actually doing the cracking. That removes casual crackers from the equation.
It also makes the cracking act more deliberate and makes it far harder for someone to claim: "That diamond got in my pocket.... I just found it on the sidewalk and thought it had been thrown out." or "Oh that music on my MP2 player... I thought it was free!"
Engineering is the art of compromise.
There's only one copy protection system I know of that hasn't been (meaningfully) cracked, and that's MediaCipher, created by Motorola for the cable TV crowd. Ironically, it was one of the first ones ever created. (Of course, it helps that the boxes implementing MediaCipher are only rented -- never sold -- to end-users.)
Copy protection next showed up in a major way for computer games, most notably for the Apple ][ computer. This fetish briefly spread into applications software as well as games, until the users thundered, "No Fscking Way." It took about four to six years for this to shake out.
Despite the fact that there is no conclusive evidence that copy protection has any meaningful impact on sales, anti-copying measures are still used extensively, but by no means universally, throughout the games industry. In particular, Unreal Tournament's initial anti-copying measures are little more than perfunctory, and are later dropped entirely.
Near as I can determine, copy protection advocates claim as axiomatic that unsanctioned copying will depress sales to livlihood-threatening levels. They cleave to this axiom with a fervor usually associated with religious fundamentalists. However, every time this axiom is honestly examined, mitigating or even entirely contradictory evidence is discovered. Yet the myth persists.
It's not the technology we need to combat (since Turing proved it can never work). It's the defective thinking.
Schwab
Editor, A1-AAA AmeriCaptions
Unfortunately, the analogy doesn't quite hold. Breaking into bank vaults is more like performing a brute force attack on a DRM scheme, every time you wanted to break it. DRM schemes don't work like that. Typically once a scheme is compromised, it becomes possible for anyone subject to it to break it almost instantly. All it takes is for someone to write a quick tool that automates the cracking process and all the barriers presented by the DRM scheme pretty much fall away.
I'd say that DRM schemes are like having one giant bank vault. Yes, it will eventually get compromised, and once it is, everything inside is trivial to take.
I've never heard of an MMORPG that was cracked to that you could play for free (on an official server) or even play without purchasing the client software.
My idea of a cracked DRM is one that allows you to use the product exactly is if the DRM was not included. I think starforce which is used for gaming was never fully cracked. At least not the latest version. I remember seeing a crack for a game (I forgot its name, go figure) which used starforce that required you to physically unplug your dvd drive from the motherboard in order to work... Starforce was such a violent protection that even the game companies themselves decided to ditch it. It would do havoc to your machine and I even heard several cases were a DVD drive was rendered useless because of it.
As someone has already mentioned, no DRM is uncrackable but some of them require a lot of work. The DRM's of popular products will always be cracked because of the demand but there are many people who use niche products that are usually not worth the effort for the skilled crackers. These will just have to take the pill and suffer quietly.
Actually we really don't have the iTunes DRM cracked. I mean it can be circumvented but it hasn't been cracked since version 4.6
The purpose of DRM isn't to keep dishonest people from copying music.
The purpose of DRM is to force honest people to repurchase music every time the format changes.
Once you understand that, the obsession with DRM makes more sense.
The cake is a pie
Probably because who knows enough to work on a crack knows anything by Real isn't worth their time.
Fundamentally, you're spot on. It is a hell of a lot worse than bank vault security. You can't have the party it's secured against also the one it decrypts for. It just makes no sense! All DRM is crackable by definition, they know this, they just want to make it as much of a hassle as possible.
No, it's flawed because it CAN be cracked easily: The decrypting key is in the firmware contained in your DVD player.
In cryptography, we have an explanation using Alice and Bob. Alice is communicating with Bob, while Eve (eavesdropper) tries to decrypt the message. Alice and Bob have the key to decipher the message, but Eve doesn't. She wants to decrypt the communication *without* the key.
A --- E --- B
Alice in this case, is the Digital Media producer (or encrypter), and B is your DVD. You're Eve. The problem with DRM is that Eve *HAS* the key. By cracking the DVD software (some disassembly, debugging and you're done), Eve can obtain the key from Bob.
A --------- B E
This is the problem with DRM. It's flawed by design. The DMCA is a legal "patch" to this algorithm, punishing Eve if she gets the key from Bob. The problem with DMCA is that the punishment doesn't apply to all countries, and trying to enforce it results in attacking freedom of speech.
There isn't a door lock that can't be cracked by the most humble of clerks working at Home Depot, but that hasn't stopped the door lock industry. Next time you walk into the office, look up and imagine how many offices could be entered by simply removing a set of $2.00 ceiling tiles that stand in the way.
The fact is, humans need these reminders. They give people who know what is right permission to do the right thing.
The more you scare people.....the more they will pay.
Bad analogy. You see, digital media can be copied for zero cost. Physical objects cannot. Therefore, as long as one person cracks the DRM, then essentially everyone has because that one person can the redistribute the DRM-free media for free. In fact, its even worse than that because not only can that one person distribute, but every person that the first person gives it to can also redistribute, and so on and so forth.
We all know what to do, but we don't know how to get re-elected once we have done it
There's better places to get the content, so why bother cracking it?
How we know is more important than what we know.
1) It only takes ONE person to "crack" and copy music, a movie, etc. and make it available to all the average Joes.
"Available" is a relative term.
For your average iPod-buying Joe, it's easier to find a desirable song by buying a CD on the way home or to search and download it from the iTunes Store, than it is to find a reliable and spyware-free Gnutella client, search for the song, eliminate all the junk matches, find one that's good quality, and download it.
I like using the iTunes Store to download singles because it's MUCH more reliable and usable than browsing for free MP3s, as long as the iTunes Store actually carries said singles. It's also much, much faster at downloading movies.
For the non-geek, legal DRMed media files are generally easier to find, easier to download, faster to play, and usually have their metadata tagged properly too. The only downsides are that you can't give it away to your friends and it costs more. But like Linux, cracked multimedia files are only free if your time is worth nothing.
It is all about enforcing a monopolistic distribution channel, a walled garden. They are trying to get all of the pie, not just a chunk. I went into more detail here:
http://www.theinquirer.net/?article=29161
-Charlie
Which is exactly why they feel they have to make it harder to copy. It doesn't cost anything, so the only thing they can do is throw the law around while simultaneously making it more difficult to copy.
Now, obviously the honor system doesn't work. If DRM vanished tomorrow, most Slashdotters would still keep downloading. It provides something to bitch about more than anything. The fundamental problem is that Slashdot has decided it doesn't like the media industry's business model. It doesn't actually have anything to do with DRM in the overwhelming majority of cases--precisely because every single kind of DRM has been cracked. It's not a real deterrent to Slashdot. But it's good for the go to pretend that it was supposed to be and you beat "the man."
The only real deterrent is the law, which is why there's all the sabre-rattling here. You don't want to pay for the content. You've all but declared it every single time this issue comes up. There aren't many people here who carve a rational balance. Most of you will continue getting it for free because a) you can and b) you don't think they deserve money in the first place (or "not as much as they charge" in the truest mob fashion). Rationalize all you want, but that's all it comes down to.
There need to be massive changes in the media industry. Lots of things which are fundamentally clear have become confused in the fiery rhetoric and the balance is wrong. But if you won't come to the table, why should they?
Sure there is. A correctly employed OTP is completely, mathemathically proven, uncrackable.
But there is no uncrackable DRM-technology. There can't be. By nessecity the users machine MUST contain all the information needed to decode the media. If it didn't, it couldn't display it. If it can display it, it fundamentally CAN also save it in an unrestricted format.
Yes, it may be more or less tricky to get at the keys. But it'll always be *possible*.
Locks are a good way to keep honest people honest, but they should be simple and unobtrusive. The reason why we have key locks on our front doors instead of complicated biometric systems (this may be the wrong audience for this comment) is that they are simple, cheap and less prone to failure.
Remember the front door is public, the lock is public but only the owners have the key. The front door system works because not everyone who can get to the door has the key. DRM simply doesn't work because you have the content, the lock and the key.If this were really happening, what would you think?
Not trying to be a troll. But I strongly disagree with the hive-mind about DRM being as hopeless as the comments proclaim.
Frist off, digital piracy isn't that different from brick-and-mortar piracy -- sellers will always try to find ways to prevent theft, and those who want to pirate stuff will always find ways to circumvent the checks. This is human nature and the it'll probably never change.
Second, while we (rightly) think that the RIAA could save itself a lot of effort by revamping its model, that argument doesn't scale to other media. For example, movies. Movies are expensive to make, and don't sell in the same volumes as songs. The RIAA might easily solve its problems by moving to an AllOfMp3-like model, and pricing structure. But the MPAA won't be able to do the same -- charging 10 cents a movie will mean that they need to sell about 150 times the volume to make similar profits. Charging even $4 a movie will be enough incentive for people to go back to bittorrent. So clearly, its a never-ending tug of war, and while we think the RIAA/MPAA should in good faith adjust it's pricing model etc. the MPAA (at least) can't rely on the same good faith from its customers.
But of course, the RIAA and MPAA are not blameless. And neither are Apple and MS and anyone else creating DRM schemes for multimedia formats (in fact, perhaps the Apple and MS folk are more guily than the RIAA/MPAA. Thier real sin is, they are trying to exploit a side-effect of DRM by not openly licensing thier DRM schemes and not making them interoperable/platform-agnostic. They have seen the side-effect of locking in customers by not licensing thier DRM schemes and by using proprietary formats, and they're frothing at the mouth with the possibilities of locking in customers, and getting duplicate revenues from those that do defect.
At one point, I was actually willing to give MS some props for trying to rally the industry around a single DRM scheme (PlaysForSure) and keeping the API for it open. The lack of PlaysForSure on Macs and Linux is a big problem, and using WMA is a bigger problem, but the real sin was when they came out with yet another DRM system for the Zune. (Unless their PlaysForSure contracts made it a necessity by stipulating that MS will never come out with a PlaysForSure device or something like that - I wonder).
And Apples fault is in how they choose to license FairPlay. They seem to have some arbitrary 'coolness factor' that needs to be met before they license FairPlay (which they do license out). For example, it's clear that the Xbox ppl have given iPod integration a lot of importance, and they must surely have approached Apple to license Fairplay so that even protected songs could be streamed to the 360 from a PC/Mac or iPod. The fact that this doesn't work today can only be because Apple did not license FairPlay. A terrible sin, for what would have been a very cool and easy to use feature. They did not think about the benefit to their users first -- they thought about lock-in instead.
This is really what's wrong with DRM today. Companies are having a field day with trying to lock in consumers, and not giving any thought to enabling them to use thier property in as many fair ways as possible. The focus is completely on lock-in, and disabling, rather than enabling, and maintianing an audit trail without hindering.
The solution might come from the market, in time. But for that people need to be very vigilant about shunning DRM schemes until these companies learn thier lesson and start inter-oprating with each other. That doesn't look like its happening anytime soon -- what with iTunes downloads crossing the 3 billion mark the other day. Consumers only have themselves to blame if they endorse DRM in this manner.
The solution might come faster through litigation. Either through class action lawsuits (iTunes customers who want to migrate so a non-apple mp3 player, who get pissed because thier collections are now worthless), or Congress (ve
DRM doesn't exist to stop the big organised cracking groups who release media online (they try to do this with lawsuits).
Nor does it try to prevent the street sellers, who mostly buy their stuff from the above, mass duplicate and sell cheaply.
What it's intended for, is to screw more money out of the average consumer.
When i was a kid, my parents would buy me music on vinyl records, and record them to audio cassette for me to play, because being a kid i would invariably ruin the media at some point. When that happened, they would make me another copy. Similarly, they would make copies to play in the car (tapes often got damaged if they were left on the dashboard in hot sunny weather, and i doubt there are many cars which can play vinyl).
DRM will stop these law abiding citizens from making their own personal-use copies, and force them to buy multiple copies of their media, and there are even more reasons to format-shift now:
CDs - to play in the car
CDs - for kids to destroy
Digital files - to play on a media center
Digital files - for an ipod or cellphone
Ofcourse, those who pirate media will continue to do so, and will be better off than those who don't. Eventually more of those people will choose to pirate media instead so that they gain the benefits of drm-free media.
http://spamdecoy.net - free throwaway anonymous email - avoid spam!