Slashdot Mirror
The DRM Scorecard
An anonymous reader writes "InfoWeek blogger Alex Wolfe put together a scorecard which makes the obvious but interesting point that, when you list every major DRM technology implemented to "protect" music and video, they've all been cracked. This includes Apple's FairPlay, Microsoft's Windows Media DRM, the old-style Content Scrambling System (CSS) used on early DVDs and the new AACS for high-definition DVDs. And of course there was the Sony Rootkit disaster of 2005. Can anyone think of a DRM technology which hasn't been cracked, and of course this begs the obvious question: Why doesn't the industry just give up and go DRM-free?"
we (geeks) can do it because we are prepared to go through the many steps to remove the DRM
the average joe needs a (free) really easy (integrated) app that strips the DRM, no command line stuff or blind them with options
and (in|un)stallers hell i bet they dont even know what DRM is other than the dialog in their player saying "sorry you dont have a license"
just a simple
no need for finding keys or running multiple apps to crack it just a press button and joe can play his file again
the easier it is to do something the more people will do it
you're trolling, but with a valid point. The bottom line is that the idea itself is fundamentally flawed. You cannot give the public limited access to information that requires their full access (however carefully managed you make it) without making it vulnerable to defeat. The only true three purposes at this point are (1) to make casual infringement difficult enough to be inconvenient, (2) to prevent use of IP in a way that you really don't feel like letting them use it, and (3) to give them a legal defense. (if you fail to defend your IP you tend to lose it in court)
They know how evolution works. The most draconian systems they come up with today will be childs play eight years from now. So in reality, for as nasty as they look now, they will be almost pointless 10 yrs from now. (look at CSS...) So what they're doing now really this isn't any worse than CSS was when it was made, relatively speaking. Six years from now we will look at this and yawn, as we feed a spindle of old blue rays into a reader (at 25 seconds each) and download our entire collection to our data cube.
I work for the Department of Redundancy Department.
Last I looked Cable HDTV DRM still hasn't been cracked which sucks if you want to use a myth box. You can only get an HDMI with HDCP signal out which I also don't think has been cracked. I really hope they do crack it so I can watch the HDTV that I pay for on my computer whenever I want. As a side note I once talked to my friend(who works for comcast) about driving a GNU/Linux driver for the CableCard. He told me it would be hard and was 100% sure we would be taken to court. The CableCard apparently looks to make sure the hardware using it is certified. Cracking that shouldn't be to hard but apparently the deal that at least comcast has with the content providers is that if there DRM is cracked they have 30days to fix it otherwise they have to recall all devices with the DRM capability and destroy them. Then they can issue new ones with newer DRM, otherwise they risk losing that content.
And the irony of all this is that the industry isn't even hurt by typical casual copying, which is often be done for the private use of the copier anyways.
File under 'M' for 'Manic ranting'
I don't rember ever seeing DIVX ever being cracked. The fact that it failed in the market and you could get the exact same content off of a non-DIVX DVD aside, I don't know of a crack for it.
But everything that has been in use for a little while or on successful product? Yeah, it's cracked. The article doesn't even begin to mention all the software protection schemes that are no longer effective.
Comment forecast: Bits of genius surrounded by a sea of mediocrity.
TOR
Plausible deniability
Analogue hole
What we miss is a file sharing program that makes use of a TOR like network and stores the files in a plausibly deniable container by default (i.e no need to be a computer geek) so that everyone can use it. Such a program would essentially be a tactical nuke against the record label's business model. Some time ago I may have considered promoting this immoral, but after I had a night ruined by region codes ( my girlfriend* at the time had bought me a present while visiting the states ) I sort of want to see this bullshit fail as much as possible. Unfortunately I don't know shit about designing a decent network so I can't write the stuff myself, but if things continue the way they do it is only a question of time before somebody does it.
*Yes yes, I know I'm not supposed to have had a girlfriend and post to slashdot... If it helps maintain the stereotype I could disclose that I'm nocturnal, skinny and still living with my mother...
Of course not. That's why the MAFIAA and similar parties use the legal system to fill the holes that technology can't. If you can't actually stop everyone from doing it, simply make it illegal, and sue anyone who gets past the initial hurdles.
DRM and IP law, the technological and the legal - the two work in tandem, but I would say that the end goal is perfect control over content. Anything less than perfect control is, after all, simply an unexploited opportunity for profit.
"Anyone who [rips a CD] is probably engaging in copyright infringement." - David O. Carson
What annoys me is that while current versions of QTFairUse strip the DRM off audio files just fine, nobody as of yet has put out a simple tool to strip off FairPlay from Apple's video files. If it's the same DRM scheme you'd think they'd just extend FairUse to do video files as well, but they've just not done that. I guess there must be some issue with the exploit they use that precludes using that hole for video as well I suppose...
It's been what, 2+ years since Apple started selling videos and still no crack?
If a job's not worth doing, it's not worth doing right.
Mod parent up.
This is indeed the root of any high-distribution system and is applicable to several domains--piracy, drugs, airborne diseases. It only takes one copy on a viable transmission medium to start the ball rolling.
Yet Socrates himself is particularly missed.
A lovely little thinker but a bugger when he's pissed.
The industry isn't trying to make uncrackable DRM. They're trying to make DRM that's just annoying enough so that the majority of users don't go to the trouble. Expert users will always crack whatever they put out. That wouldn't be a problem except for the ease of distribution BitTorrent affords and other P2P services afford. The same principle applies w/ the RIAA lawsuits. They're not trying to sue everyone who pirates music. They're just trying to get enough publicity so that people start thinking, "Gee, if I download that song then there's a chance, however remote, that the RIAA is going to sue me. Even if the law is on my side and I win, that would be a colossal hassle. Maybe I'll just buy it instead."
Maybe you haven't been paying attention, but the RIAA/MPAA are losing.
How we know is more important than what we know.
"this begs the obvious question: Why doesn't the industry just give up and go DRM-free?"
The entire entertainment industry is so consumed with greed that they are no longer able to think clearly. The failure of DRM is so painfully obvious, but the MPAA, RIAA, BSA, etc. are so blinded by greed that they can't see it. To them, the failure of DRM is proof that they need bigger badder DRM along with bigger badder laws to punish people. This is what greed does to you.
The secret to success is simple: make a good product and sell it at a fair price. But when you are bkinded by greed and convinced that you're losing billions of dollars to "piracy", you think that the secret to success is to control your precious "intellectual property" with the most draconian iron-fisted methods possible.
Ed Felten took a whack at this question a while back that stuck with me in the context of HDCP DRM.
...
First: Why is the weak system worth spending 10,000 gates for? The answer doesn't lie in platitudes about speedbumps or raising the bar -- any technical bumps or bars will be obliterated when the master secrets are published.
So temporary piracy prevention doesn't seem like a good explanation.
A much more plausible answer is that HDCP encryption exists only as a hook on which to hang lawsuits. For example, if somebody makes unlicensed displays or format converters, copyright owners could try to sue them under the DMCA for circumventing the encryption."
Because if there's anything a tech mogul hates worse than his own customers, it's his competition.
DRM in a Nutshell:
An encryption system is a way to deliver information securely, even through the hands of the thieves.
A DRM system is a way to cut out the middleman, and deliver information securely into the hands of thieves directly.
See the problem?
Confusing the thief for the customer is why DRM can never work.
Confusing the customer for the thief is why DRM can never sell.
I dont like the analogy of a bank vault at all. Its not like people are breaking into a video store and stealing videos. These are usually people who have lawfully purchased a video and want to use it for their own private purposes but this has been restricted by DRM. DRM circumvention is often an attempt for a consumer to simply use something they legally purchased for their own private use, such as making back up copies or playing it on their computer, or copying to their ipod. I dont see any problem with that unless they are distributing it to others, Once a person has legally obtained some work, it should be theirs to do as they please with it for their own private use.
We already have copyrights to protect the producers of works. DRM is going too far as it restricts the users rights to use something for their own private use, for which they have legally purchased.
doesn't matter what anyone says, neither my mom or my dad, nor my three sisters, nor any of my cousins know how to use any tool to remove drm. and i doubt they ever will. most of my cousins and sisters can handle the likes of limewire though.
"The BBC's iPlayer has recently come under fire for being Windows only and DRM-riddled, but what can they do?"
Send everybody who pays for a TV license a card with an ID and password.
Person must first log into the web site with their ID and password, and then they can stream the programs using some sort of open CODEC or even Flash.
The solves 98% of the problem. And it's one of those good enough solutions that lawyers and bureaucrats will turn down because they're not thinking rationally. They're looking for a 100% protection solution that can never exist. They're only making it harder for their customers, and it makes no difference to "protecting" the content.
You were mistaken. Which is odd, since memory shouldn't be a problem for you
You're missing the point. That whole post was about the misuse of the phrase "begging the question".
The theory of relativity doesn't work right in Arkansas.
Hmm.
I propose Xbox 360 DRM.
Essentially un-hacked after all this time. Interestingly enough it's been possible to run warez for long time but ONLY if it's right region and no modification whatsoever is possible (cheats etc)
However, homebrew software, cross-region mods, or any modification to the games: Big Ix-Nay.
Yes, if you go to extreme lenghts and took the necessary steps long time ago it's possible to change the region code of the console. The kernel vulnerability was patched and there's no way to un-patch unless you exploited the vulnerable kernel to obtain one of the encryption keys. Or in other words, if this is news for you, forget about it.
Good luck trying to get this information past any tie.
I've been in the computer security biz for a long while now. You'd be amazed how many suits think of security as a product to buy, to install and then never think of it again. When you tell them that it should be audited and reviewed every now an then at least (personally my suggestion is every month or at least every two months), they look at me bewildered and reply with something akin to "but we just bought the security you mentioned. What gives, is it not secure?" (implying "Are you selling snakeoil?")
You have no idea how hard it is to get it past an exec's skull that security is an ongoing process and evolving, not something static that you set in stone for now and forever.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
But some people enjoy working on their homes, and like the satisfaction of getting done and knowing that they did it. And I know that if my choices were either:
A. work overtime so that I can pay someone to do it, or
B. not work overtime and do it myself
I'd choose B. Working on a house is more interesting than sitting at a desk driving Catia all day, and (usually) the frustration level isn't any higher. It may take me longer overall, but I'd be at home with my family instead of at work.
The meek may inherit the earth, but the strong shall take the stars.
Locks also keep dishonest people from stealing things from honest people.
The GP was correct, locks keep honest people honest. They do nothing for stopping dishonest people. The same goes for DRM.
Sorry that's not what DRM does.
DRM prevents honest people from using the stuff they buy in ways they are legally entiteled to, pissing them off and turning them into dishonest people
The only reason I have on occasion bought DRM burdened material is because I expect the DRM to be breakable, now or later. I'll be doing something that is legal, but not approved by the copyright holder, when converting that material to any format I choose. If I was interested in uploding material and breaking copyright law I wouldn't bother buying anything in the first place, I'd just download it. Unfortunately the RIAA and MPAA and their sister organisations in other countries are continually pushing stronger DRM to keep their product inferior to what the pirates are offering.
- We are the slashdot. Resistance is futile. Prepare to be moderated -