The DRM Scorecard

An anonymous reader writes "InfoWeek blogger Alex Wolfe put together a scorecard which makes the obvious but interesting point that, when you list every major DRM technology implemented to "protect" music and video, they've all been cracked. This includes Apple's FairPlay, Microsoft's Windows Media DRM, the old-style Content Scrambling System (CSS) used on early DVDs and the new AACS for high-definition DVDs. And of course there was the Sony Rootkit disaster of 2005. Can anyone think of a DRM technology which hasn't been cracked, and of course this begs the obvious question: Why doesn't the industry just give up and go DRM-free?"

Re:You mother fuckers are pissing me off

[v1]

you're trolling, but with a valid point. The bottom line is that the idea itself is fundamentally flawed. You cannot give the public limited access to information that requires their full access (however carefully managed you make it) without making it vulnerable to defeat. The only true three purposes at this point are (1) to make casual infringement difficult enough to be inconvenient, (2) to prevent use of IP in a way that you really don't feel like letting them use it, and (3) to give them a legal defense. (if you fail to defend your IP you tend to lose it in court)

They know how evolution works. The most draconian systems they come up with today will be childs play eight years from now. So in reality, for as nasty as they look now, they will be almost pointless 10 yrs from now. (look at CSS...) So what they're doing now really this isn't any worse than CSS was when it was made, relatively speaking. Six years from now we will look at this and yawn, as we feed a spindle of old blue rays into a reader (at 25 seconds each) and download our entire collection to our data cube.

Cable HDTV DRM

[nukem996]

Last I looked Cable HDTV DRM still hasn't been cracked which sucks if you want to use a myth box. You can only get an HDMI with HDCP signal out which I also don't think has been cracked. I really hope they do crack it so I can watch the HDTV that I pay for on my computer whenever I want. As a side note I once talked to my friend(who works for comcast) about driving a GNU/Linux driver for the CableCard. He told me it would be hard and was 100% sure we would be taken to court. The CableCard apparently looks to make sure the hardware using it is certified. Cracking that shouldn't be to hard but apparently the deal that at least comcast has with the content providers is that if there DRM is cracked they have 30days to fix it otherwise they have to recall all devices with the DRM capability and destroy them. Then they can issue new ones with newer DRM, otherwise they risk losing that content.

Re:Geeks do- everyone else doesn't.

[mark-t]

And the irony of all this is that the industry isn't even hurt by typical casual copying, which is often be done for the private use of the copier anyways.

Re:Geeks do- everyone else doesn't.

[langelgjm]

It discourages casual copying, nothing more, but I can't imagine it was intended to do any more. Nobody's that stupid.

Of course not. That's why the MAFIAA and similar parties use the legal system to fill the holes that technology can't. If you can't actually stop everyone from doing it, simply make it illegal, and sue anyone who gets past the initial hurdles.

DRM and IP law, the technological and the legal - the two work in tandem, but I would say that the end goal is perfect control over content. Anything less than perfect control is, after all, simply an unexploited opportunity for profit.

Re:DirecTV

[Dun+Malg]

I don't think DirecTV's DRM has been cracked since they replaced it a few years ago. DirecTV encryption isn't classical "DRM". It's a live, encrypted delivery system rather than a chunk of data in a fixed medium, which makes it a moving target. It would be quite possible (though not exactly trivial) to record a given segment of the data stream and hack the particular key used to encrypt it, thus "breaking the DRM" on that particular block of content. This could not be done in a timely enough manner (i.e. in real time) to make it worthwhile, though, which is why no one does it.

Re:Geeks do- everyone else doesn't.

[imtheguru]

Mod parent up.

This is indeed the root of any high-distribution system and is applicable to several domains--piracy, drugs, airborne diseases. It only takes one copy on a viable transmission medium to start the ball rolling.

Re:Geeks do- everyone else doesn't.

[QuantumG]

Maybe you haven't been paying attention, but the RIAA/MPAA are losing.

The Answer: Greed Makes You Stupid

[rudy_wayne]

"this begs the obvious question: Why doesn't the industry just give up and go DRM-free?"

The entire entertainment industry is so consumed with greed that they are no longer able to think clearly. The failure of DRM is so painfully obvious, but the MPAA, RIAA, BSA, etc. are so blinded by greed that they can't see it. To them, the failure of DRM is proof that they need bigger badder DRM along with bigger badder laws to punish people. This is what greed does to you.

The secret to success is simple: make a good product and sell it at a fair price. But when you are bkinded by greed and convinced that you're losing billions of dollars to "piracy", you think that the secret to success is to control your precious "intellectual property" with the most draconian iron-fisted methods possible.

Re:All bank vaults and locks have also been cracke

[Eravnrekaree]

I dont like the analogy of a bank vault at all. Its not like people are breaking into a video store and stealing videos. These are usually people who have lawfully purchased a video and want to use it for their own private purposes but this has been restricted by DRM. DRM circumvention is often an attempt for a consumer to simply use something they legally purchased for their own private use, such as making back up copies or playing it on their computer, or copying to their ipod. I dont see any problem with that unless they are distributing it to others, Once a person has legally obtained some work, it should be theirs to do as they please with it for their own private use.

We already have copyrights to protect the producers of works. DRM is going too far as it restricts the users rights to use something for their own private use, for which they have legally purchased.

Re:security != technology

[Opportunist]

Good luck trying to get this information past any tie.

I've been in the computer security biz for a long while now. You'd be amazed how many suits think of security as a product to buy, to install and then never think of it again. When you tell them that it should be audited and reviewed every now an then at least (personally my suggestion is every month or at least every two months), they look at me bewildered and reply with something akin to "but we just bought the security you mentioned. What gives, is it not secure?" (implying "Are you selling snakeoil?")

You have no idea how hard it is to get it past an exec's skull that security is an ongoing process and evolving, not something static that you set in stone for now and forever.

Re:It's the convenience, stupid

[icebrain]

But some people enjoy working on their homes, and like the satisfaction of getting done and knowing that they did it. And I know that if my choices were either:

A. work overtime so that I can pay someone to do it, or
B. not work overtime and do it myself

I'd choose B. Working on a house is more interesting than sitting at a desk driving Catia all day, and (usually) the frustration level isn't any higher. It may take me longer overall, but I'd be at home with my family instead of at work.