EU Encouraging Standardized DRM, Licensing

I Don't Believe in Imaginary Property writes "The European Commission is trying to encourage a standard licensing and DRM scheme for all of Europe, as well as 'cooperation procedures' and 'codes of conduct' for ISPs, copyright holders, and customers. No legislation has been proposed yet, but the 'cooperation procedures' sound like a push for an EU version of the DMCA Takedown Notices, which are already routinely sent to people outside the US. While simplified licensing might be nice, it's interesting that they don't appear to understand the inherent tension between standardization, interoperability and DRM — break once, copy everywhere."

It's over...

the internet is finished. Everyone go home, it was fun while it lasted.

Re:It's over...

[somersault]

Yeah, because the only useful thing the internet did was help spread illegal music? Have we so quickly forgotten our roots? Won't someone please think of the porn stars? :(

Re:It's over...

[crymeph0]

Are you kidding? Think about it. What do the Space Shuttle, the American Electoral System, and L.A.'s public transport system have in common? They all suck, and they were all designed by committee. DRM designed by a committee will be easy to break, and take forever to get "fixed" after each break.

Re:It's over...

[somersault]

Ah, I thought the connection was that they were all being driven by sweaty monkeys.

Re:It's over...

Interesting fact: the US constitution was also designed by a committee, as was the US flag. I'd advise you not to announce too loudly that you think they suck, because being lynched is not always a pleasant experience.

Re:It's over...

I think of the porn stars morning, day, and night. Especially at night!

Re:It's over...

[BronsCon]

Yeah, because the only useful thing the internet did was help spread illegal music? No. However, most of the music produced today should be illegal in any format, not just when shared over the internet.

Re:It's over...

[BrianGKUAC]

Where's the (+1 Tragically Funny) modifier when you need it?

Hm...

[rxmd]

they don't appear to understand the inherent tension between standardization, interoperability and DRM break once, copy everywhere.

Well to be honest that sounds like a good thing. If the industry is forced to do their DRM in an interoperable way it will be better than the present situation where DRMed content is practically not interoperable at all. And if the industry is forced to get their act together and actually do it right, because if they implement some kind of half-assed scheme that gets broken everywhere at once and forever, it doesn't sound too bad either. So maybe they do understand it.

I'm not a friend of DRM, but it's likely to stay around for a while, and in that case I'd rather have it implemented well than what we see at present.

Re:Hm...

[QuantumG]

And if the industry is forced to get their act together and actually do it right, Do DRM right. Do something that is information theory impossible, but do it right. Yes. I'll just get my magic pixie dust now. This time we'll sprinkle it *right*.

Re:Hm...

[rlauzon]

The only problem is that standardized DRM is a pipe dream.

DRM relies on a secret in order to work. If the DRM is standardized, that secret it out and the DRM is broken.

This, of course, presumes that the purpose of DRM is to "protect" content. We all know that the only purpose of DRM is to lock consumers into a product and restrict consumer choice. So standardizing DRM is something that companies want to avoid at all costs.

Re:Hm...

[Paradigm_Complex]

If I understand this correctly, there'll be an uproar of sorts if it doesn't support Linux (a la BBC iPlayer). Even if they don't half-ass it, but put a huge amount of effort into getting a DRM scheme to work on an FOSS OS it'll still get broken pretty damn quickly, even if the DRM stuff itself is in binary.

Re:Hm...

[TheVelvetFlamebait]

OTOH, letting DRM fail naturally from poor interoperability would be a potent lesson for the labels and studios.

Give them the benefit of the doubt, let them distribute any way they want, then turn 'round and say "I told you so".

Re:Hm...

[pla]

If the industry is forced to do their DRM in an interoperable way it will be better than the present situation where DRMed content is practically not interoperable at all.

And how do you propose we grant iPods the ability to "know" the intent of their users?

Because truly "interoperable", transparent DRM would require exactly that. A Zune would need to know whether you mean for that particular copy to go to a machine you own as a backup, or to a random stranger's machine as a time-limited "sample". And it can't just ask you, because you could conceivably lie.

I do, however, agree with you on one point - If we can get a single form of DRM codified as international law, then when we crack that one, we'll finally have won the war rather than just another battle in an ongoing war.



IMO, "break once copy everywhere" provides the only truly long-term solution to the artifically-imposed DRM "problem".

Re:Hm...

[MartinG]

I think you are looking too much at the short term.

Having more interoperable DRM will be better than having non-interoperable DRM right now, but it will only delay the real goal of no DRM at all.

I'd prefer to put up with a short term spate of incompatability, shortly followed by no DRM at all (which is actually already starting to happen, at least in with music) than a half-assed sort-of-better solution that in reality will never fully work as intended.

Re:Hm...

"Standardized" DRM will be based on a TPM in every machine. Ever machine that wants to access "premium" content will require a licensed, signed and certified operating system with certified drivers. In other words: Microsoft and/or Apple, running on Intel and/or AMD, with NVIDIA and/or ATI video cards... and all the software certified to "protect the precious digital bits owned by the copyright holder". And all of this will be enforced by treacherous computing PC hardware.

Re:Hm...

[Bert64]

Well, interoperable DRM may be easier to crack, but it would also remove one of the biggest and most legitimate reasons for cracking it.

Of course DRM is not intended to prevent copying, it's intended to inhibit fair use and cause legitimate buyers to buy multiple copies of the same media for playing on different devices. Pirates will always find a way to make copies, even if they have to make lower quality analog copies.

Re:Hm...

they don't appear to understand the inherent tension between standardization, interoperability and DRM break once, copy everywhere.


Knowing the comission... I think they are very aware of this exact fact and it's a push to keep the US out of EU (consumer) business.

Re:Hm...

[Yetihehe]

If this one drm is standarized and other drm schemes are made illegal and companies will not use this standarized drm, only criminalists will have drm. If they use this standarized drm, it would be like they didn't use it (drm relies on secrets to work, so if it is standarized, there are no secrets). Don't you see? It makes perfect sense!

Re:Hm...

[badfish99]

Actually, if you read TFA, it sounds as though they want Europe-wide licencing for media downloads. Having one standard DRM schema might or might not be part of this, but they also want to stop the practice whereby paid-for downloads are charged at different prices in different countries: for example, Apple notoriously charge more for itunes downloads in the UK than they do in euro-zone countries. The original purpose of the EU was to create a "common market" where this sort of abuse could not happen.

Re:Hm...

[Richard+W.M.+Jones]

And all of this will be enforced by treacherous computing PC hardware.

Sure, but the treacherous hardware is here, in my hands. (Literally in fact - my desktop machine is an Intel development box which contains a TPM chip). Since it's in my hands, I can use whatever resources are available, and all the time and ingenuity in the world to break the DRM.

Once one person anywhere breaks the DRM on a piece of content and releases that content DRM-free, then everyone has the DRM-free content

Still don't believe me? If you want a parallel case, think about games consoles & "ROMs" (ie. game images) which are distributed on the net because a tiny fraction of a percent of console owners broke apart their consoles, found out how they worked, and removed the DRM from the games.

Rich.

Re:Hm...

[badfish99]

Not necessarily: forcing everyone to use the same DRM scheme would not, in itself, make that scheme less secure. If the DRM is well-designed, the "secret" need only ever be known by a handful of people.
On the other hand, it would give the owner of the chosen DRM scheme a government-enforced monopoly, and we all know what a good idea that is.

Re:Hm...

[MPAB]

On the other hand, it would give the owner of the chosen DRM scheme a government-enforced monopoly, and we all know what a good idea that is.
In fact, that's the european way!!!

Re:Hm...

[SharpFang]

It relies on a secret, not on obscurity. The algorithm doesn't have (and shouldn't) be secret to be secure. Just like GPG being secure despite being open source.

DRM can be standarized, open specs, maybe even open source implementation. But each participant has a set of secret keys, and they don't have to be shared. As long as there's no inherent weakness to the keys, algorithm and implementation, the result is secure. Leak of one key doesn't break protection on all the rest of them.

Of course the no inherent weakness to the keys, algorithm and implementation part is very tricky. Every program has bugs. Bugs can be fixed, but keeping the system up-to-date is left to the end-user. In case of personal encryption systems, it's in your best interest to have it up-to-date. If there are any bugs in your SSH, you want them patched. But it's strictly against your interests to have security bugs in your DRM appliance patched, so if any is found, it may allow people to exploit it to decrypt the data, and just break the system.

Re:Hm...

[CastrTroy]

GPG relies on the fact that only you have your private key. Once your private key is compromised, it completely breaks down. DRM doesn't work, and will never work, because the attacker and the receiver are the same person. You'll always be able to grab the key out of memory, or hook up some mod chip to the computer/console/whatever to bypass the DRM, or dump the memory contents.

Re:Hm...

[Urkki]

DRM relies on a secret in order to work. If the DRM is standardized, that secret it out and the DRM is broken. The secret of working (as much as it theoretically can be) DRM is to have the algorithms and formats public and open, but to have asymmetric encryption and possibility of changing keys. So in the actual scheme itself, there's nothing to "break", except of course the asymmetric encryption, and that's practically impossible with any reasonable key size (choose algorithm that can't be quantum-cracked for future-proofing). When a private key is leaked or cracked, you "just" start to use a new one. And then there can easily be several competing DRM key management companies offering their services to device makers and content suppliers.

Of course this system has all the inherent limitations of any DRM scheme, but it has them "openly". So businesses could build their business logic around reality of DRM, not the marketing bluff of DRM. Also, then it would be possible to legislate specifically against distributing DRM keys without licence, because "a DRM key" would be a well defined virtual object. So no need for "cracking is illegal" DMCA blanket laws, but specific laws that can't be abused to take down grandma's cookie receipt archive.

Re:Hm...

[Xymor]

People fail to realize that even the most secure content still needs to be converted to analog for our eyes and ears to understand. With super high quality audio capture and 1080p60 cameras, the end result would be almost as good as the original wouldn't it?

Re:Hm...

[stsp]

I'm not a friend of DRM, but it's likely to stay around for a while

Have you seen Steal this Film II? While DRM is not its main focus there are some interesting ideas in there that have heavy repercussions on DRM. If you follow that film's arguments, the public simply won't accept DRM any more than people did accept censoring of content back when the printing press first came around. You had to get a state-approved license if you wanted to print a book. These kinds of laws didn't really manage to stay around for a long time though. I really hope history is repeating itself here.

OTOH I haven't really come across any DRM'd content worth consuming yet. I guess back than books might have had relatively more important content than mainstream media today (e.g. books helped to bring about the french revolution while today's mainstream media is mostly about making a few rich people even richer).

Re:Hm...

[mlts]

When I think of standardized DRM, I am reminded of the Clipper Chip, of the mid 90s. Said chip was being pushed to be a part of pretty much any electronic appliance (computers, cars, modems) for cryptography. To protect the algorithm (which was classified at the time), the chips were highly tamper resistant (for the time), and were programmed with the Skipjack algorithm in a secure location after being made. Of course, we all know how well taken key escrow was at the time, and the Clipper chip died a slow death.

I can see someone coming out with a "TPM v2" chip that, instead of acting like a passive smart card like the 1.2 chip today, it being more of an active function, perhaps doing all the audio and video decoding on it, and only allowing decrypted input to be passed to another, similarly armored and tamper resistant, chip on the monitor. Of course, said "TPM v2" chip would be updatable and images pushed out within hours or days of someone breaching it. It could even be an integral part in the booting/running process of a machine, allowing and denying programs to run. Like the Clipper chip, its manufacture and algorithms can be made classified or top secret.

Then, laws and treaties (similar to WIPO) being put into force that make disassembly or modification of the "offical" chip meaning large amounts of time in a prison, and if one country doesn't enforce the law in their own nation, extradition treaties with another country could force citizens to be tried by judges in other countries.

Of course, somewhere down the line the chip becomes mandatory, similar to the V-Chip is in US TVs, and of course, sooner or later, it will require to phone home to be updated periodically.

Eventually, said chip could be made into something that can scan people's systems for anything that whatever nation thinks is bad, and silently phone home with the info, similar to how Punkbuster and WoW's Warden report people running cheat programs. Then, when someone goes to rip their latest DVD for their iPod, the chip notices the ripping/decoding software, phone homes immediately, and in less than 24 hours, the police arrive with a DMCA-based arrest warrent. (No search warrant would be necessary -- the chip would have done a formal scan of the machine and have sent up in a cryptographically signed/timestamped manner "proof" of the infraction with a list of software present.)

I can see standardized DRM taking place... and its a quite fearful thing, not just combining all the old school cypherpunk's fears with regard to key escrow in hardware, but taking modern issues such as rootkits, spyware, and "super-root" access, and mixing all this into one very noxious hodgepodge.

Re:Hm...

[hughk]

Thats where this trusted platform stuff comes in. You never get the data, only an audio or visual feed. The platform hardware validates the OS and only divulges the key to the AV DRM decoder which is running in protected mode. If you change the OS, or heaven forbid, compile your own then you do not validate to the trusted platform firmware. Note that it would be quite hard to completely protect a piece of code as large as a typical desktop OS, and certainly we have seen how easy it has been to subvert consoles. However, real DRM does imply some kind of Trusted Platform and we really don't want that.

Re:Hm...

[19061969]

Remember to sprinkle it on the night of a full moon on a spot where a murderer was hanged.

You will also need a hair from the head of a virgin. Maybe that is why it's taking so long to get right? They should try /. - there are lots here.

Re:Hm...

Sure, but the treacherous hardware is here, in my hands. (Literally in fact - my desktop machine is an Intel development box which contains a TPM chip). Since it's in my hands, I can use whatever resources are available, and all the time and ingenuity in the world to break the DRM.

True, but you are missing the point. DRM (at least for the tech companies) is not about piracy. It's about control over legal uses of technology. "Standardized DRM", is a codeword for Trusted Computing -- it's something that technology companies like Intel, Apple and Microsoft want very badly. Look at Intel - since about 1997 everything Intel has done as been influenced by DRM. '97 is when Intel put its engineers (in force) to work on programs that were deliberately meant to "secure a PC, softare and data, from the owner". I was at a talk from an Intel engineer using this exact phrase - he didn't call it DRM, because it wasn't in common use then.

For the last 25 years, the PC has been a mostly open platform - TC is an attempt to reformulate it into a closed vendor-lock-in platform, which rewards those companies who already have massive market share. Ultimately, the tech companies knows that piracy of content (at least in some form) is impossible to prevent. They also know that control of what code runs on a machines is a cash cow.

So... "standardized DRM" is the dumb-down layman's term for a world in which almost every PC has a Fritz chip/TPM which can be asked "is the machine running software with digital signature X" -- can it be 'trusted'. No Fritz chip/TPM... you aren't trusted, and you get nothing. No digitally signed and certified software... you aren't trusted, and you get nothing.

Gates/Job/Ballmer/[Insert tech company head here] wet dream.

Re:Hm...

[Drinking+Bleach]

Doing DRM right would be cutting off the viewer/listeners eyes, ears, fingers, and anything else that could potentially copy the information, no matter how tedious.

Re:Hm...

[petermgreen]

But each participant has a set of secret keys, and they don't have to be shared.
The bottom line is that to view the content your player has to decrypt it, to decrypt it your player needs a key that will decrypt all content your player is supposed to be able to play.

So every manufacture of player hardware has to have a key that will decrypt all the content someone may want to use on that player. It only takes one vendor to leak said key or produce a player from which the decypted bitstream can be recovered (either deliberately or more likely through incompetance) and the pirate has a decrypted copy which they can release onto the pirate networks.

you can do like the blueray and HD-DVD guys did and make a scheme where you can make newer disks not play on machines with revoked keys but that just gets you into a cat and mouse game with the pirates.

Re:Hm...

[SharpFang]

Actually, it's more like the signing system.
Enable the playback only if the stream is signed by originating party. The consumer appliance has only the public key, the data must be signed by the private key that never leaves the factory.

As long as the DRM and the playback chips are separate, you can intercept the data between them, spoof the DRM 'okay' signal, and so on. If the devices are integrated, good luck getting a microscope and trying to extract the data from the chip's memory cells when it never goes further than 0.05mm away to the decoder part.

Building 'DRM protection + decoder + digital-analog converter' single-chip players is not feasible for any single manufacturer, but if it was a cooperation work of many companies, with government support, it would be possible, feasible and quite likely profitable.

But as I know the life, it will be just another half-assed, easy to crack attempt to get one of existing, faulty schemes formalized.

Re:Hm...

[SharpFang]

unless the output device won't play it without putting a tiny mark in the corner, and the camera will not record it if the mark is visible.

There are already printers that refuse to print images of dollars.

Yeah, all can be circumvented.

Re:Hm...

DRM can be done with tamper-proof hardware. Which is where we're going. Now you may not see this coming but +5: Insightful? Please.

Re:Hm...

[kvezach]

Would that magic pixie dust be called Trusted Computing, by any chance?

Re:Hm...

[SharpFang]

or you can make the player such that it won't leak the decrypted data or keys, say, using a custom chip that is common to all manufacturers. And through legislation make leaking the key a bankruptcy sentence on any manufacturer.

A competent group could create such a chip. It's not impossible.

OTOH, I don't believe it will happen.

Re:Hm...

[TheSpoom]

Except I'm not going to buy it, and I get the feeling there will at least be those of us geeks who do the same.

Re:Hm...

[sm62704]

If the industry is forced to do their DRM in an interoperable way it will be better than the present situation where DRMed content is practically not interoperable at all.

But which DRM? Dumb Restrictions on Music, or Dumb Restrictions on Movies? Or is it really DRM at all, will we be stuck with the Dynamically Underpowering Movie Bomb (DUMB) that was talked about in a Slashdot story last night?

Personally I would like to see the corporations' stronghold on the world's governments come to an end, and all forms of Dumb Restrictions on Media outlawed! If your work is protected by technological measures, it should lose copyright protection.

-mcgrew

Re:Hm...

[somersault]

You are a moron. If someone can listen to it, then they can also place a microphone next to it and record it. Sure the quality will be slightly degraded, but if it's done in a soundproof room in the middle of the countryside then it will be pretty decent quality. It's called the analog hole. I'm not a cracker so I'm not sure about the hardware side of things, but it's funny how modchip makers and crackers keep being able to crack supposedly uncrackable hardware too, huh? You don't know what you're talking about with your 'tamper-proof' hardware, unless you're talking about rigging every unit with C4. I can just see it now "WARRANTY VOID IF SEAL BROKEN (oh and your living room may end up rather void too)"

Re:Hm...

[sm62704]

Do DRM right. Do something that is information theory impossible, but do it right. Yes. I'll just get my magic pixie dust now.

I'm with you there! Was that the guy who keeps submitting the "2008 will be the year of [X}" stories to slashdot? Or is he the one who doesn't know "there" from "they're" or how to use an apostrophe? What's his problem?

How can someone who visits a site with a masthead that reads "news for nerds" not understand that DRM is an impossible dream cooked up by the technologically ignorant and implimented by con artists and thieves who know damned will that their "unbreakable lock" cannot possibly withstand the attack of hundreds of thousands of very intelligent, highly competent nerds? Maybe I'm too hard on the fellow, perhaps he's just suffering from some sort of distraction. (The last link may not be safe for work)

Or maybe he was a nerd but lost his license?

Re:Hm...

[Synchis]

I got news for you... DRM has already failed naturally.

After all of the failed schemes:

DVD,
Sony Rootkit,
Most other CD Copy Pretection Schemes,
Version after version of Apples DRM,
HD-DVD and BluRay...

Why would they even entertain the idea of standardizing something that is defective by design.

DRM always was, always is, and always will be a failed attempt of companies to lock customers into 1 media, 1 product. Information inherently *wants* to be free. Why not put the effort into something much more valuable to society... like laws that *prevent* companies from implementing DRM Schemes.

*That* would be news I could sink my teeth into. :)

Re:Hm...

[cheater512]

Whats preventing someone from tapping the video from the monitor's chip?

DRM can be made difficult. It cannot be made flawless.
If everyone used the same DRM then its one big target. Look at AACS.

Re:Hm...

[phantomlord]

That totally explains Dr. Danco from Dearly Devoted Dexter

Re:Hm...

[homer_s]

If the industry ....

Who gets to decide who the 'industry' is? The big companies love this scenario (not necessarily in this instance, but generally): the govt decides that a blessed few are the 'industry' and keeps every small producer out by regulation.

Re:Hm...

[caluml]

DRM relies on a secret in order to work. If the DRM is standardized, that secret it out and the DRM is broken. Not at all. Think of encryption algorithms - you can know all about them - the "secret" is out - but you still can't break them.

Re:Hm...

[IamTheRealMike]

This, of course, presumes that the purpose of DRM is to "protect" content. We all know that the only purpose of DRM is to lock consumers into a product and restrict consumer choice. So standardizing DRM is something that companies want to avoid at all costs.

Well, the existence of things like AACS says you're wrong. It's a documented specification, and it's open in the sense that, if you want to manufacture HD-DVD players, you can go ahead and license it. You can also read about the algorithms it uses without paying anything.

AACS is largely about defending a large number of secrets and revoking them when they are broken (because everybody knows that software players are leaky as hell). AACS hasn't been broken either - keys have been found, but they have also been revoked, as the system was designed to do.

DRM isn't going to disappear, because business models that work today when people are forced to pay for what they want tend to fail when they rely entirely on peoples honesty. It might disappear in some places (like music) but to disappear from everything, entirely? I suspect not for a long time.

What I'd like to see is a replacement of DRM with some kind of social honor code around buying creative works, unless you really can't afford to because you have no money. It could be enforced by having people publish lists of what they own, that they can share with their friends so people are exposed to more music/movies/games, etc, but there'd be a taboo on actually just downloading your friends entire MP3 collection and not paying the original artists anything.

Sadly, with the rampant "I should not have to pay people for their work if it's digital" mentality a lot of people have these days, I doubt such an honor code will appear anytime soon. DRM it is, then.

Re:Hm...

[init100]

Not at all. Think of encryption algorithms - you can know all about them - the "secret" is out - but you still can't break them.

Ordinary encryption systems have pretty different use patterns than DRM systems. Ordinary encryption systems protect your data from being viewed by intruders as well as people that snoop on your communications. As long as they cannot get the secret (i.e. key/password), your data is safe.

This is rather far from how DRM is supposed to work. In DRM systems, one of the communicating parties is also the attacker, and has to be prevented from getting the key at the same time as the key is necessary to unlock the content. Can you see the (obvious) difference?

In encryption terminology: In the first case, we have Alice and Bob communicating with Charlie trying to intercept the communications. In the latter case, we have Alice trying to communicate with Charlie (the attacker) in a way that the information (the content) can only be viewed by Charlie in ways that Alice allows.

Re:Hm...

[kidcharles]

Yes, I think the European Commission has some fundamental misconceptions about DRM. To paraphrase a great Spanish swordsman:

"You keep using that acronym. I do not think it means what you think it means."

Re:Hm...

[Ash-Fox]

Yes. I'll just get my magic pixie dust now. This time we'll sprinkle it *right*.

Reminds me of this advert.

Re:Hm...

[Travelsonic]

Forget using a microphone, just use Audacity and record off the soundcard when playing a DRM'd CD in a computer.

Re:Hm...

[BlueParrot]

DRM can be done with tamper-proof hardware. Which is where we're going. Now you may not see this coming but +5: Insightful? Please.

Except "tamper proof" hardware for music-DRM can be beaten using 100 year old technology.

Re:Hm...

[corsec67]

The point is that the analog hole will work with any drm'd stuff, on any hardware. Videos, audio, books, etc. can all be recorded by pointing the appropriate recording device at the output. The only way to prevent that would be to make the recording devices illegal, or have a chip that recognizes certain patterns (see the EURion Constellation for one pattern that is hard to copy or edit). If you have access to a raw CCD and a digital to analog converter, you can rip any media that is delivered digitally and there is nothing that anyone can do to prevent that.

Re:Hm...

[caluml]

Yes, I understand all that, thanks. I'm saying that just because a DRM *system* is known (not the keys used) shouldn't make it any less secure. Obviously, if you know an encryption key, which you would need to to decode DRM content, then you're stuffed. However, if someone invents a super new solar-flare powered DRM method that doesn't rely on obfuscating and sending the decryption key with the content - then knowing how the DRM method works shouldn't make any difference.

Re:Hm...

[grahammm]

Why restrict to Europe-wide. The sites from which I download music (Magnatune, CD Baby) charge the same no matter where in you are.

Re:Hm...

[bzipitidoo]

That's what baffles me too. Why can't these people understand that DRM cannot work? When 16 year old kids can break their schemes, you'd think that would be a strong hint that their schemes are hopelessly weak. But they don't take it that way, they only see that that one scheme wasn't strong enough, and delude themselves that it's still possible, and waste lots of effort trying again. They sort of half-assed understand that none of their schemes can hope to work, that's why they try to pass laws that make it illegal for DRM to be bypassed. If DRM actually worked, those laws wouldn't be necessary. Too bad they don't really understand, or they wouldn't waste money trying to create DRM systems, and bribing lawmakers to pass these stupid laws.

It's one thing for the ignorant to push these DRM schemes. But MS ought to know better. Their refusal to understand is criminally stupid. Vista is exhibit A there. Now the DRM proponents are engaged in the grandest attempt yet. They're going to try to control the users' devices from end to end. Vista was just the first shot. Unfortunately for Vista, it has to run on a PC, and that provides but one of many ways to bypass it. Next try might well be a "Trusted Computing" PC, which I expect no one will buy. TC was supposed to protect users from malicious software. TC wasn't supposed to be perverted to serve malicious DRM software at the expense of its users. And it doesn't stop with enforcing their "rights", the controllers start to want to use DRM to just plain gouge their customers, because they can. Double bonus when there's a technical problem that strips users of their privileges. They make money in 2 ways, by not spending money to fix the problem and by forcing their hapless users to work around the problem by paying for everything again! Region encoding is another example. Treacherous Computing indeed! No one will buy such a system by choice, at least not without severe brainwashing. Even if everyone could be forced to buy such systems, it still could not work. Just takes one user somewhere to introduce an unapproved device. It's impossible to stop such an "attack". Every large high school will have a few 16 year olds who will be quite capable of doing that.

They called it "copy protection" in the 1980's. That's all DRM is, is copy protection by another name. And they pressed every undocumented feature they could find into the service of copy protection, because at its heart, copy protection is security through obscurity. And none of it worked. What's that quote? "Those who do not learn from history are doomed to repeat it". So you have examples from recent history, you have many scientists who understand that it doesn't work and didn't need to try it even once to know better, but none of that stops these DRM fools.

Re:Hm...

[ceswiedler]

He said 'right', not 'perfect'. Doing DRM 'right' would be a scheme which allows consumers the rights they expect (watching / listening on all of their own devices, able to share with family and friends, no chance of DRM 'expiring' due to format changes or abandonware) while making it reasonably difficult to copy and re-distribute on a large scale.

As long as consumers get the rights they want at a fair price, and as long as it's nontrivial to get an illegal copy, most consumers will opt for the purchased DRM version. iTunes DRM does a pretty good job (though it could be better), its biggest drawback is that it's Apple-only--a standardized DRM format along the lines of iTunes would be a pretty good system overall. People have long since been able to crack iTunes DRM and yet they still buy stuff from iTMS in massive quantities.

Saying DRM is impossible because it can always be cracked is like saying government is impossible because people will break the law. Of course they will. You just have to structure people's incentives so that the majority of people are happy not doing so.

Re:Hm...

[rlauzon]

But the eBook reader still has to know the key in order to display the content.

So to create a reader, you have to know the secret. The reader has to know the secret to display the content.

You're mistaken if you think this is about securing the algorithm. Inter-operable DRM is like having the diagram to your locks, plus knowing where you hide the key.

Re:Hm...

[rlauzon]

OK. Let's assume we have this set up:
1. Everyone creates a key pair.
2. You upload your public key to the eBook vendor which encrypts your eBook so that only your public key can unlock it.
3. The eBook reader has your private key, since it, obviously, needs to unlock the eBook so that you can read it.

Now, let's also say that the locking mechanism is well documented.

You now have documentation showing you how the lock works. You have the key.

I fail to see how this can "secure" the content.

Re:Hm...

[Zerth]

>or you can make the player such that it won't leak the decrypted data or keys, say, using a
>custom chip that is common to all manufacturers. And through legislation make leaking the
>key a bankruptcy sentence on any manufacturer.

>A competent group could create such a chip. It's not impossible.

And how will that resist bored grad students with an electron-beam microscope and a lot of free time?

Re:Hm...

[Sloppy]

If the industry is forced to do their DRM in an interoperable way..

The very premise is an oxy-moron. The whole point of DRM is that it is not interoperable. If it's interoperable, it doesn't work. Standard DRM is defeated DRM. Secrecy/non-interoperability/incompatibility are necessary traits of DRM.

Re:Hm...

[sm62704]

Those who do not study hostory are doomed to repeat it

They called it "copy protection" in the 1980's. That's all DRM is, is copy protection by another name

Yes, but perhaps they are studying history and are looking at another failed technology from the 1970s - quadraphonic sound. Quadraphonics was a brilliant concept, provided everyone had loads of cash to waste. It had four channels of sound instead of stereo's two, but required twice everything, including hte speakers which are always the most expensive part of any system.

Quadraphonics required a higher end turntable good enough to reach the supersonic, as the rear channels were modulated with a 40khz tone and then demodulated in the preamp.

So a five hundred dollar stereo sounded far, far superior to a five hundred dollar quadraphonic stereo.

The thing is, a few things changed - five channel dolby isn't exactly the same thing, although it's very similar. Digital came along, with its reduced (at present sampling rates) high frequency response CDs that no longer required what speaker manufacturers called "supertweeters". The CD required no hugh end player; you could encode four channels as easily as two, without modulation. And the four large woofers were done away with by introducing a single "subwoofer".

But "copy protection" failed in the market for a different reason, not because it added a little to the consumer item at a vast cost like quadraphonics, but added absolutely nothing for the consumer but frustration.

As digital sound sucessfully brought back quadraphonics under a new name, the Dumb Restrictions on Media crowd think the same thing might happen with Copy Protection. But it won't, because a) unlike quadraphonics or 5.1 dolby it adds nothing whatever for the paying customer, and b) no technological breakthrough will or can make it work.

Copy Protection failed not because of expense, but because it was a pain in the ass that added nothing. This is what they're not seeing. Also what they're not seeing is what someone used to use for a sig here: "making bits not copyable is like making water not wet."

Re:Hm...

[kaidadragonfly]

TC was supposed to protect users from malicious software. TC wasn't supposed to be perverted to serve malicious DRM software at the expense of its users.

From what I've read, that's actually exactly what it was supposed to be for in the first place.

I believe that's why it's driven so heavily by Microsoft so that they can have complete control over the platform, and actually have WGA work.

Re:Hm...

[Lost+Race]

no DRM at all (which is actually already starting to happen, at least in with music)

"Starting to happen"? You do realize that the most popular and successful commercial digital music distribution system, by far, has always been wide open with no DRM at all? It's been around for 25 years and is still going strong. It's called Red Book CDDA.

Movies are where the DRM has always been. It appears to be getting even worse in that market.

Re:Hm...

[iluvcapra]

Your scheme doesn't address the analogue hole, nor how you securely get the public keys to the signing stage without the user being able to intercept them between his NIC and the signing chip.

Re:Hm...

I can see someone coming out with a "TPM v2" chip that, instead of acting like a passive smart card like the 1.2 chip today, it being more of an active function, perhaps doing all the audio and video decoding on it, and only allowing decrypted input to be passed to another, similarly armored and tamper resistant, chip on the monitor.

You don't need a "TPM v2" for that. The very first TPM was designed to exactly what you describe. It is NOT a "passive smart card". It is designed to report on the state of your machine. The digital signature of your bootloader, kernel... and on up the chain of software. If your software doesn't have the correct digital signature, then it doesn't get reported as trusted (remote attestation). The TPM also provides for encrypted code (you can't see what the processor is doing), and sealed storage (storage blocked off to anything but "trusted" code).

Once you have a TPM in the machine, then everything else is just a software update away... never mind TPM v2... you, like most people, don't realize just how insidious Trusted Computing is.

Re:Hm...

[init100]

However, if someone invents a super new solar-flare powered DRM method that doesn't rely on obfuscating and sending the decryption key with the content - then knowing how the DRM method works shouldn't make any difference.

I'd argue that this is impossible. You'd need to send the decryption key to the attacker if you want him to be able to view the content, and doing so openly without obfuscation, well, I can't see how it could be possible. I fully believe that DRM and openness are completely incompatible. To have DRM, you need obfuscation, and without obfuscation, you cannot have DRM.

this cloud has a silver lining though

[jacquesm]

The EU is pretty fragmentary and local law trumps EU law when it comes to the citizens of your own country. This creates all kinds of loopholes.

Also, and I know that's a weird line of reasoning but I think that it is valid, the sooner we get through this shit the better, and if it takes getting these idiotic laws and then breaking them en masse then so be it.

The population is slowly starting to wake up to the idiocy of some of these laws. Right now chinese law (see the recent RIAA vs Baidu suit) is more reasonable when it comes to some of this stuff than the so called bastion of democracy and privacy that the EU is supposed to be.

We're being sold out here and that has never before been more apparent, maybe this is what it takes to get people to wake up, I sure hope so.

It's going to take more than a few torrent sites to get taken down for people to realize that their rights are being eroded left right and center.

Re:this cloud has a silver lining though

[bigtomrodney]

Actually EU law supersedes national law when it conflicts. This has been upheld on many occasions
European Law Supremacy

Re:this cloud has a silver lining though

[AliasMarlowe]

...and local law trumps EU law... Wrong.
The primacy of EU law over national law is explicit in the EU treaties to which all member countries are signatories. National laws must be amended and regulations recodified to comply with EU law (causing a certain amount of obscene posturing and squealing by local politicians).

Re:this cloud has a silver lining though

[Blimundus]

"The EU is pretty fragmentary and local law trumps EU law when it comes to the citizens of your own country. This creates all kinds of loopholes." That's completely false. EU law (if correctly adopted, and with sufficient legal basis in the treaties) prevails over local law. Also, some EU laws (the regulations, as opposed to the directives), don't even have to be implemented into local law to have direct effect.

Re:this cloud has a silver lining though

[jacquesm]

Yes, for the foreign parties it does, but for the local parties it doesn't !

I'll give you an example:

A dutch guy wants to marry a woman from Africa. In the netherlands he'd have to fulfill all kinds of BS requirements so he moves to Belgium, then marries the woman while in Africa and then moves with her to Belgium. In Belgium the dutch person can claim EU resident status, so EU law will trump belgium law.

(this is known as the 'belgium route' in the netherlands)

But in the Netherlands because he's Dutch he would not be able to do that, for a Dutch national in the Netherlands Dutch law trumps EU law.

(which is why the belgium route exists)

I know this sounds crazy but it really is true, an eu-resident but non-dutch person in the Netherlands has more rights in the Netherlands than a Dutch person does and conversely a Dutch person has more rights in other European countries than those countries nationals.

Re:this cloud has a silver lining though

This has nothing to do with Dutch national law trumping EU law in this case, which it doesn't, but with the fact that family law (the law governing marriage, custody of children, etc.), is not harmonized EU-wide. Every EU member state has its own marriage laws, but every member state also is obliged to respect marriages that have taken place under the laws of other member states.

Therefore, by moving to Belgium, you can profit from the (in this case) more liberal family law in Belgium, and when you move back to the Netherlands, the state is obliged to respect the marriage that has taken place in Belgium.

Therefore, your example is in fact an illustration of how EU law does trump national law!

Re:this cloud has a silver lining though

[jacquesm]

that's not how it is explained here:

http://nl.wikipedia.org/wiki/Belgi%C3%AB-route

I hope you can read dutch, just in case here is a translation of one section of the article:

"Discrimination of own subjects.

European law trumps national law. And yet, every member state is free to apply more strict rules to its own subjects.
This so-called 'reverse discrimination' can not be remedied by Communitylaw, because it is a direct consequence of
the limited powers of the Community. The obligations with respect to liberalization, such as described in the
Communitylaw, has according to the current jurisprudence of the Court in principle only applicability to the
cross border traffic. This indicates exactly the necessity of living (temporarily) abroad before you can use European law."

and the original dutch:

"Discriminatie van eigen onderdanen

Het Europees Recht gaat boven Nationaal Recht. Toch staat het elk lidstaat vrij, om haar eigen onderdanen aan strengere regels te onderwerpen. Deze zogeheten omgekeerde discriminatie" kan door het Gemeenschapsrecht niet worden verholpen, omdat deze het gevolg is van de beperkte bevoegdheid van de Gemeenschap. De verplichting tot liberalisering, zoals dat staat in het Gemeenschapsrecht, heeft namelijk volgens de geldende jurisprudentie van het Hof in beginsel alleen betrekking op het grensoverschrijdende verkeer. Welke dus exact de noodzaak aangeeft waarom het nodig is om (tijdelijk) in het buitenland te wonen, alvorens je gebruik mag makenvan het Europees recht."

I realize this is highly confusing but this really is the way how things are. In other words, if everybody in the EU would retain their nationality and would move to a different EU country (farfetched but theoretically possible) all the national laws would cease to be applicable overnight.

Re:this cloud has a silver lining though

[Bazer]

We shouldn't get into this mess. We've already seen what happened in the US and I think we can do better. A standard for DRM may be a good thing but anything like the DMCA is trouble.

Re:this cloud has a silver lining though

[Moonpie+Madness]

How in the hell did he get married if he always went Dutch? Damn cheapskate. Kidding, kidding, but seriously, I imagine these DMCA law would probably be passed in enough jurisdictions within the EU along with the normal trade agreements. The EU is in some ways a trade agreement anyway.

Re:this cloud has a silver lining though

Sorry, but you're going to have to explain it properly before that starts making any sense. EU nationals are subject to local laws regardless of where in the EU they are.

Re:this cloud has a silver lining though

[PJ1216]

sounds like its not that national law trumps eu laws in respect to its subjects, but that they're allowed to apply *stricter* rules to its subjects. so, if the eu forbade something, national law can't trump it and allow it. at least thats what it looks like to me. i could be completely wrong though. i'm basing it solely on that excerpt you copied.

Re:this cloud has a silver lining though

[datachild]

This isn't a troll but I will point out a few things that I find odd with your post.


Firstly, I'm sure there is a good reason as to why DRM exists at all, and why these laws that we all find dumb are being passed.
A few that come to mind are...

Big corporations corrupting politicians even further
This is a no-brainer really. What a better way to ensure your survival than to simply pay off a politician to try to pass a law?
Big corporations like Sony, Microsoft, and so on have lots of money that they can spend to make sure that the customer stays locked in,
and as obvious as my post seems so far, I think this gets lost in translating between bullshit and facts.

Unfortunately I cannot believe some of the laws they apply for. It's laughable because they should be minding their own business and not
attempting to pass a law that they have no clue about, but they are too busy exchanging laws and money with corporations to care about things
like common sense, logic, and what have you.

Sadly I've no idea what will become of this, but as long as there are politicians, there will be a problem. At the moment, I don't have a solution either.


DRM is a way to control people, not content
It's quite clear to all of us from all these torrent websites, and the warez scene that dates back to the 1980s in general, as to why they are still alive.
The companies that produce things like software, movies, audio, et cetera, aren't stupid. They KNOW their content is getting pirated, and reading a story a few
weeks ago, they are using it as a metric to find out how popular their content is. Instead, I think they are trying to control people themselves, to make sure
that no one else except them can dictate how that content is viewed. I mean, look at Sony for example -- you need a Blu-Ray player to watch Blu-Ray movies.
Yes, seems like a duh type of thing, but it's a pretty good lock-in.


Companies want to see how much shit they can get away with
This is one of my favorite ones to date. You see a company doing something stupid and you just know they are testing the grounds to see how much shit they can get away with.
Awhile ago, Rogers, a Canadian ISP inserted ads into the HTTP stream before the site loaded, so you would see an overlay of Yahoo! on Google. Who the fuck, honestly?
Laws are no different, in my opinion. When you want to pass a ridiculous law, you apply for it, and then you wait to see what was disagreed on. While some of the points
may get rejected, some of the other ones will remain, and then you strip the law of the ones that got rejected, and apply for again. Rinse and repeat.


However, on the flip side...


"Consumers" are at fault as well
Firstly, for letting yourselves be called that. Secondly, for not caring about your rights as citizens, not just customers. And thirdly, because you let the people who
represent you and who you pay to be where they are today fuck you over by the three points I've already stated. I'm sure posting on Digg and Slashdot and saying "Fuck Bush",
"Ron Paul's the answer, now what's the question?", and "Obama-nation" is great and all, but it doesn't really solve anything. You are stuck with what you have because you refuse
to act with something more than just a keyboard. Voicing your opinion is one thing, changing laws and defending The Constitution is another. I'm sure politicians laugh at all the
protests anyway. They are being paid off, and you helped them get to their position.


You have your rights, content makers have theirs
This is where my post meets the parent. I laugh whenever I see on Slashdot someone saying how they use Bittorrent to just download Linux distributions. That's a great way
to act like a politician. It's bullshit, and you know it. While I am not one of these so called "content makers," I do pity them regarding what Bitt

Re:this cloud has a silver lining though

[jacquesm]

In one sentence: the EU giveth, the memberstates can take away *from their own members*, but not from the members of other states.

So every memberstate has to respect EU law for all EU citizens in so far as rights are granted *except* for their own citizens who they may discriminate against.

I'm not sure what the situation is when it comes rights granted by your own government being trumped by a more strict EU law, but in practice local laws are usually far more strict than local laws, and off the top of my head I would not know of an example.

The original article is a direct consequence of the opening up of the market for the 'local gema/buma/whatever', who are now free (or will be free soon) to license their content with third parties for countries other than the one of their origin. Another driver is the fragmentation of the market here, a single stop for negotiations would facilitate things greatly for the smaller labels.

This is significant for content creators because the percentages paid out to artists/rights holders differ quite a bit from country to country due to the varying 'overhead'.

The DRM was relevant when this plan was first put forward, but with more and more companies switching to DRM free downloads and the speed at which the EU moves I doubt that that part of it (and the subsequent technical implementation and distribution) will happen in time to plug the holes.

I was at a presentation of the dutch BUMA last year where they were doing their best to impress on people that there was no need to switch when the time came but you can be sure they're pretty nervous about this development.

If there is going to be a free market wrt rights negotiations (and it looks like that is inevitable) then I don't doubt in the long term there will be only one such agency left standing.

lots of interesting reading on this subject here:

http://ec.europa.eu/internal_market/copyright/index_en.htm

and for an idea how complicated the swamp really is:

http://www.heise.de/english/newsticker/news/69349

Re:this cloud has a silver lining though

[SharpFang]

This isn't entirely true.

Local law trumps EU law whenever it conflicts with it. The conflict is a ShouldntHappen(tm) situation but is surprisingly common.

That is, if you violate any particular local law, which conflicts with EU law, you're fucked. You can apply for the law to be changed to comply with EU laws, and by all means it should be changed then (though the process may face a lot of obstacles - be delayed for a long time, crippled by lobbyists, generally suffer all kind of hurdles that can be thrown its way), but your court decision won't be overturned once the law changes.

In other words, EU law forces local law to be compliant with it, but doesn't override it, and the process of changing the local law to comply is separate from jurisdiction, and often falls short of its appointed goals.

There is a couple of laws in Poland that are in contradiction to EU laws. People are being judged and sentenced following them, despite the fact that it is known these laws are illegal. The legislation to have these laws changed is progressing at snail speed, meantime people spend prison time for violating them.

Re:this cloud has a silver lining though

[foobsr]

The EU is in some ways a trade agreement anyway.

Some might argue that it is the bureaucrats ultimate conspiracy to abolish democracy.

CC.

Re:this cloud has a silver lining though

[SharpFang]

"if correctly adopted"

That's the tricky part, you know.

EU laws define what local laws should be.
Local laws are used to judge people.
Local laws that are in violation of EU laws (and shouldn't be) are still used to judge people, effectively trumping EU laws.

Re:this cloud has a silver lining though

[hughk]

This isn't family law, it comes down to the law regarding freedom of movement of EU nationals and right to live and work in other countries. An EU person is entitled to bring their non-EU spouse plus any non-EU dependent children to any EU country except their own. If they bring their spouse to their own country then local immigration law trumps freedom of movement. In practical terms it means that if an EU citizen marries a non-EU person outside the EU citizen's country of residence and then brings them there to settle, they will enjoy the same rights to live and work as the EU citizen with the only condition being that the EU citizen must be able to show that he or she can support their spouse financially. Once settled and with a full residence permit, the non-EU citizen is entitled to all the benefits that an EU citizen can get. Once you have such a EU 'dependent' permit for a Schengen country, then you can travel throughout Schengen countries without a visa, but if you want to visit a non-Schengen EU country, such as Ireland which demands visas for nationals of your country then you are theoretically entitled to a more or less free one when travelling with your EU spouse, but you still have to apply for it!

Re:this cloud has a silver lining though

[jacquesm]

The tricky bit here is that it depends on the law.

If a local law is 'restrictive', in other words it takes away a right that the EU explicitly grants then it can only apply to nationals of the country that made the law, for everybody else EU law is prevalent.

I can't make it make much more sense than that, it makes no sense (that a foreigner would have more rights abroad than in their own country is of course crazy) but that's the way the EU is structured.

This gives rise to all kinds of EU-based legal loopholes and that's one of the reasons I think that the memberstates are less than happy about this particular turn of events, they used to be 'boss in their own house' and now they find that only works when they're talking to their own nationals.

The above mentioned 'belgium route' has already caused some political parties to try to restrict the influx of dutch people that are fleeing their own country because they're discriminated against:

http://www.filipdewinter.be/page.php?linkID=379

(man, I *NEVER* thought I'd ever link to Flip de Winter, but never mind that)

The full text of the belgium route handbook is here:

http://webmaster.zattevrienden.be/handboek.htm

That's in dutch though, I'm not sure I'll be able to find an article that explains this craziness in english but I'll keep looking.

By the way this nasty trick is not used by every European country, some of them try to follow EU legislation in their local law wherever possible and practical, but some (in the above case the netherlands is an obvious example) do to their own subjects things they could not do to subjects of other memberstates.

Re:this cloud has a silver lining though

[mjjw]

if it takes getting these idiotic laws and then breaking them en masse then so be it.
Why would breaking the laws en masse help anything? Firstly how are you intending to break the laws, by putting out products with a non-compliant DRM? Copying protected content is already illegal and is already practised en-masse. It doesn't make it any less illegal though. It does not seem that the EU intends to change what you can or can't do with your MP3s / Videos / etc but to force manufacturers and developers to standardise - which can only be a good thing for consumers. If you buy something that is DRM protected and can only use it on one portable device (e.g. AAC/Fairplay and iPod) that is bad for consumers. If it is guaranteed that it can be played on any device that supports DRM that is better for consumers. It is also better for content makers as it makes it easier for them to prevent piracy. I'm not saying that DRM is a good or bad thing, I'm simply saying that if we have to have it (which at the moment it seems we do) then it is better for it to be standardised.

Re:this cloud has a silver lining though

[jacquesm]

> Why would breaking the laws en masse help anything?

Because if a large portion of the population is a 'criminal' then the law ceases to be effective, the judicial system would break down during the enforcement of the law. It only works when the percentage of criminals is relatively small compared to the 'upstanding citizens'.

> Firstly

that's secondly :)

> how are you intending to break the laws, by putting out products with a non-compliant DRM?

No, by breaking the DRM. While the EU seems to have gained the right to legislate criminal law they do not seem to have the right to set the penalties, only that there must be some. This will create the possibility for member states to set the punishment to nothing or to something very harsh, effectively negating the EU criminal legislative powers.

I want to consume my digital media wherever I want in whatever form suits me, so I want to have the ability to transcode and back up as much as I want. Obviously DRM is going to interfere with that, which means there will be efforts to insure that I can still exercise my fair use rights.

I agree with you that standardized DRM is better than lots of different formats, but the weak point in that argument is that many different formats are going to be harder to crack than a single one... This is just a typical example of the EU trying to close the barn after the horse has bolted, it is not going to be done in time to make any significant difference anyhow.

Personally I won't buy anything that is drm'd, I have tons of dvd's and cd's but I have them all stored on a hard drive because it is so much more convenient.

A DMCA type law (which will try to stop me from breaking the DRM) isn't going to be worth the paper it's written on, but it will serve to illustrate how much in the pockets of the corporations the EU politicians really are. DRM, even standardized DRM is not to the advantage of the consumer.

If the EU really wants to do something good for the copyright owners then they should work on a restructuring of copyright in such a way that consumers and copyright owners will *both* feel treated fairly, instead of wasting their time and our money on this standardized DRM nonsense.

If not then I think that copyright is going to die completely. After all copyright was invented in a time when copying something was about 1,000 times harder and slower than it is today, and when the medium, distribution and packaging was the excuse for the price charged.

Re:this cloud has a silver lining though

[Moonpie+Madness]

That's very European of them. I'm not a fan of the EU style agreement, but I'm not European, so maybe they don't need my approval. Still, yeah, it's wildly unpopular. Europe is a hotbed of nationalism. More fake-races (Irish? Norman? Saxon? Pole? not to mention Germans) come from Europe than anywhere else, and I just don't think they can get along quite like Vermont and Massachusetts do. But the EU has no choice. Their economic resurgence is impressive, but it won't last with their demographics and growing social burden, not to mention Iraq, China, and India will all become powerhouse economies in the next 50 years. If the EU does not stand together, hey will have much less economic clout in a world fighting for resources. That's the kind of pressure the bureaucrats are facing to erect a nation out of a bunch of nationalists, and it's certainly enough to overwhelm any resistance to a EU-DMCA. Frankly, Asia is not going to play along, and unless we erect a firewall around half the world piracy is going to remain an outright industry. Still, I forsee a great prohibition-esque war on data sharing and unsecured media in western nations. We already see computers powerful enough to search content based on tone and speech. We may see, in a decade perhaps, filters that first look to see if something is an audio or video file, and then compare that file against all copyrighted material, and then determine if that file is authorized to be shared. What will people do? Encrypt? Sounds easy enough now, when you can build a PC and run your own OS. What happens when the only affordable devices that work on Web 7.0 applications are subsidized living room appliances like the XBOX 1080^3? We're in a unique period where technology is enabling certain sharing of information but not enabling powerful controls over that sharing. With the incestuous relationship between virtually all hardware makers, and the media's certain central role on the internet with movies, TV, etc being the primary internet application of the near future, I think it will become very difficult to avoid DRM. I predict your current devices will not work with the internet of the future. Just as MS isn't letting you open Word Perfect 5.1 files in a fully updated MS Office, they will cite security BS to justify cutting off compatibility. I bet ISPs and routers outright refuse to work with devices that lack some sort of DRM credential. For "security". I hope I'm wrong. The best way to avoid it is to create separate internetworks that can support legacy systems. The underground railroad of warez NES roms.

Re:this cloud has a silver lining though

Because if a large portion of the population is a 'criminal' then the law ceases to be effective, the judicial system would break down during the enforcement of the law. It only works when the percentage of criminals is relatively small compared to the 'upstanding citizens'.
Go and tell that to the millions of drivers who pay fines for speeding. It is possible that individual countries will come up with penalties that are easier to impose without wreaking havoc on the judicial system.

Re:this cloud has a silver lining though

[Corporate+Troll]

They need to go here and sue their country if it isn't correctly adopted.

Re:this cloud has a silver lining though

[init100]

I laugh whenever I see on Slashdot someone saying how they use Bittorrent to just download Linux distributions. That's a great way to act like a politician. It's bullshit, and you know it.

Then laugh some more, because that's exactly what I do. I only use Bittorrent to download legal material, like Linux distributions. That said, I would pirate stuff if there wouldn't be a measurable risk of getting into trouble with the law from it, but at present, I consider it too risky, especially as I can get my music and movies for free legally anyway.

It's not fair to them to see on Digg/Slashdot/Whatever posts like "FUCK RIAA".

That sentiment is probably (hopefully) not because the RIAA is pursuing file sharers, but because of the methods used in that pursuit. A fine should sting, it shouldn't put you in debt for the rest of your life. Additionally, suing grannys without a computer shows that the RIAA is just firing at random, rather than actually pursuing the heaviest infringers first. And then we have the greedy-with-no-limits claim that ripping CDs to your portable player is copyright infringement, which isn't doing any good for the public image of the RIAA. Finally we have the "girl scouts should pay royalties for singing songs around the campfire", which surely isn't RIAA, but rather ASCAP, but it's seen as part of the same crackdown, so the RIAA get part of the blame too.

Re:this cloud has a silver lining though

[init100]

If you buy something that is DRM protected and can only use it on one portable device (e.g. AAC/Fairplay and iPod) that is bad for consumers.

It is also good for consumers when consumer annoyance with DRM makes the record companies drop DRM from their music.

Re:this cloud has a silver lining though

I'm still trying to understand how one man, or a group of men (e.g. government), can dictate to another man who he can associate with, where, when, or how. It just doesn't compute for me. Am I

Of course, I'm one of those radicals who actually believes that individual liberty is a natural human right (god-given if you prefer) infinitely more important than any law or government program (except the one or two which actually protect individual liberty).

Re:this cloud has a silver lining though

So if I understand correctly, the situation arises because there is no EU-wide harmonization of immigration rules, beyond the common visa requirements of the Schengen area. It's kind of understandable that there would be "bugs" in the legal system here, since the member states still prefer to keep immigration outside the remit of the EU, and changing the situation would require new agreements.

Nevertheless, this kind of problem is unlikely to arise in the case of DRM, an issue with no strong national feelings of traditions (slashdotters don't count). As far as I can see, regulating compatibility of technical goods within the EU market with respect to DRM would fall well within the well established powers of the EU, and thus EU law wouldn't be challenged on competency grounds at least.

Re:this cloud has a silver lining though

[jacquesm]

In fact copyright and anti-pollution are the two exceptions to the EU not administering 'interior affairs'.

Re:this cloud has a silver lining though

Next time use the Preview button, and the Plain Old Text option you can't do HTML.

Re:this cloud has a silver lining though

How quaint and old-fashioned. You sound like one of those radical nutballs from 18th century America. Get with the times, man!

Re:this cloud has a silver lining though

IAAL: The rules on when and how you can marry someone aren't really a question of EU law per se.. The issue you refer to is actually about something called Conflict of Laws (or in Continental Europe: Private International Law. Same thing, different name). See http://en.wikipedia.org/wiki/Conflict_of_laws. The whole thing can get really complicated.

The point isn't that local law trumps EU law when it comes to citizens, but rather that the more lenient Belgian law applies to people living, and celebrating their marriage, in Belgium -- regardless of citizenship. The EU doesn't regulate marriage..

Re:this cloud has a silver lining though

[MSZ]

Because if a large portion of the population is a 'criminal' then the law ceases to be effective, the judicial system would break down during the enforcement of the law. It only works when the percentage of criminals is relatively small compared to the 'upstanding citizens'.

Two words: selective enforcement.

In fact, such situation is great for the proponents of excessive copyright and the state itself, as it is then possible to have a crime to pin on anyone that makes trouble. Like recently in Russia some opposition newspapers were harassed for "copyright violations", just in time to silence them before elections. And those not targeted will be more compliant, fearing crackdown.

If the EU really wants to do something good for the copyright owners then they should work on a restructuring of copyright in such a way that consumers and copyright owners will *both* feel treated fairly, instead of wasting their time and our money on this standardized DRM nonsense.

Surely, you jest.

Remember the software patents issue? How much it took to block it once but not for ever (yes, it's gonna be back sooner rather than later)? The bribery (codename: lobbying) is going full-tilt, with certain corporations and shill groups pouring money and some sold-out (or stupid) artists supporting that.

It has to get worse before it gets better, unfortunately. I don't like it, but it seems that until it hurts average people enough, nothing good will be done.

Re:this cloud has a silver lining though

[Moonpie+Madness]

Yep, that's exactly what my malfunction was. Highly annoying. Tango Mike.

Façade on top of a Shim on top of a Strawman

[Khakionion]

> they don't appear to understand the inherent tension between
> standardization, interoperability and DRM -- break once, copy everywhere.

Or the inherent quality dilemma -- "Use at all, total shit."

a better idea

[theheadlessrabbit]

I have a proposal for an alternative to DRM.

Imagine what would happen if instead of locking content, media companies just made content that no one in their right mind would possibly want.

imagine if all new movies were either endless strings of sequels, or remakes of other movies you've already seen.
imagine if all music was watered-down over-produced generic crap.
imagine if the most popular video game system were to offer downloads of all their classic titles at great prices.
imagine if the dominant operating system was so buggy, incompatible, and slow, that no one wanted to use it.

if, in some parallel universe, those four things were to somehow able to happen, all at the same time, no one would pirate anything!

sadly, we may never see such a world...

Re:a better idea

[Jugalator]

sadly, we may never see such a world... Sure, you may say that you are a dreamer, but you are not the only one.

Re:a better idea

[goldspider]

Yeah, I see what ya did there. Now if only that actually stopped people from pirating!

The moral of the story is that no matter how bad a product is, people will take it if they can get it for free.

Re:a better idea

[illumin8]

imagine if all new movies were either endless strings of sequels, or remakes of other movies you've already seen.
imagine if all music was watered-down over-produced generic crap.
imagine if the most popular video game system were to offer downloads of all their classic titles at great prices.
imagine if the dominant operating system was so buggy, incompatible, and slow, that no one wanted to use it.

And this world would be different from ours how?

Re:a better idea

what drivel.

how do you explain the fact that most people prefer windows over the free linux?
or top 40 bands over indie bands
or blockbuster movies and games?

face facts kid, the commercial stuff is the most popular stuff, that goes for stuff people like you steal with bit-torrent. i see a lot of hollywood movies in the top 100 torrents.
whats really sad is you try to justify stealing top 40 songs by whining that top 40 songs suck. Think it through, you aren't convincing anyone with this crap, not even yourself.

Re:a better idea

[syousef]

Dude you're going to get a takedown notice from the copyright holders of John Lennon's Imagine :-)

Amazon +mp3 = money

We have to start again this fight, how many more times?

Do the music experience means nothing (finally they have mp3, in the USA, why not in EU?) ?????

Drm will not help producers to prevent copying (which is done by smart users with smart hardware),
will JUST make things harder/frustrating for paying customers, forcing them to NOT buy.

The Fallacy of DRM: a summary

[Morgaine]

DRM relies on encryption.

Encryption is designed to secure communication between Alice and Bob while denying it to the evil Eve.

In DRM, Bob and Eve are one and the same person.

In other words, DRM seeks to give a person access to an item while denying him/her access to that item. This is not a recipe for success.

The proponents of DRM seem to have a fundamental misunderstanding of the strengths and weaknesses of encryption, and so are attempting to use it in a manner that is inherently weak. The fact that DRM schemes are so frequently and so rapidly broken by people with minimal cracking resources is a clear pointer to this.

For further information, Google on Schneier.

Re:The Fallacy of DRM: a summary

And if artists want to make some money, ideally, we would take the middle-man out of the way and they Eve can give 1$ to Bob because she likes the music. It's not like beethoven would say: "If you don't give me $10,000,000 I refuse to compose the 9th symphony". Artists want enough money to make a living. So the problem is moved to a better "money transaction system" for the internet.

Re:The Fallacy of DRM: a summary

[hughk]

In DRM, Bob and Eve are one and the same person.

Not quite. Bob does not need bits, they only want a picture and sound. Eve needs the bitstream, if they want a good copy. One way is to limit digital access to the device so it becomes just a playback machine. If it happens to be a general purpose computer, then expect someone to use some kind of hardware/software combination to lock Eve out, hence trusted platform concept and the trusted playback channels being introduced by Vista.

If done correctly, the key would have to be distributed in such a way that it can't be easily captured. A secure way would be for the playing system to establish its integrity with the content publisher, and use an encrypted channel to download the key and then store it in the TPM. Any time you want to play, you need to validate the integrity of the entire A/V channel and then the TPM will release you the key.

This is all feasible and some steps have been taken with Vista. The final step would be to lock us out of our systems. However, every time we get an update from Microsoft, it may cause the signature of the OS to change so the TPM stored signature must also change. Theoretically possible, but I don't see it as being practical.

Re:The Fallacy of DRM: a summary

> expect someone to use some kind of hardware/software combination to lock Eve out

You can't lock Eve out, only hinder her. The machine belongs to Eve. She has physical access. All bets are off.

> If done correctly, the key would have to be distributed in such a way that it can't be easily captured.

I have a bridge I would like to sell you. Free supply of snake oil too! ;-)

The key point clearly hasn't yet registered, as you're still looking for fudges. Yes, some fudges are better than others, that is true, but they're still fudges and the key weakness still remains. As long as the DRM'd item is available on Eve's personal machinery, you're harboring the same delusion as all other DRM proponents.

Re:The Fallacy of DRM: a summary

[JasterBobaMereel]

This is the problem with the "Extend DRM to the hardware" route in Vista it requires "Trusted channels" and if it's not trusted you can't play it , and because of the stupidity of trying to do this they even have to monitor the cables - or you could just splice these and record the output

The picture/sound output IS digital in HD and so if recorded is a faithful copy of the original (or at least good enough)

But it relies on DRM (which can be broken, and once broken is worthless) and Known hardware, which you also have in your hands and can break into the "Trusted Channel" ... this is why Microsoft can remove the trusted channel status if any piece of hardware, again you/Your PC are/is both the trusted party (Bob) and the evesdropper (Eve), so this cannot hope to work because it is inherently flawed

Re:The Fallacy of DRM: a summary

The thing is, even if all that effort does magically result in a "perfect" trusted system (which, as you point out, is darn near impossible), someone could always stick a microphone up to the speakers or point a video camera at the screen. Yes, it would be inferior, but for many uses it would be "good enough", and the content would be distributed from there.

The only truly "perfect" content protection system would be one in which the user can't view or listen to the media at all.

Re:The Fallacy of DRM: a summary

[Hymer]

Wow... You've got the point... that's EXACTLY what they are saying when they refer to Bob and Eve.
It is impossible to protect the content from the intended recipient and that is why DRM fails.

Re:The Fallacy of DRM: a summary

[init100]

To be fair, only paying the artists wouldn't solve the problem, since many artists are not song writers and composers. I agree with the sentiment that eliminating all the middle-men would be a good thing, but the artists are not the only ones that should get paid for a song.

Re:The Fallacy of DRM: a summary

[RAMMS+EIN]

No, I think you're quite wrong. DRM and encryption are not the same thing. The purpose of DRM is to prevent people from doing things that you don't want them doing with the bits you release. One way to make that work is to write a program that enforces the policy you want to enforce and make that program the only program that can do something useful with the bits. And that's where encryption comes in. By scrambling the bits and not telling anyone how to unscramble them, you make it difficult for anyone to make sense of the bits you send out. One way to do that is to use encryption and hiding the key.

Where DRM goes "wrong" is that scrambling does not do anything to prevent copying, which is supposedly what it is intended to prevent, but it does prevent _using_ the content...at least in any way not provided for by those who know how to unscramble it. In other words, it does nothing to stop the pirates, but does restrain legitimate users.

Of course, the next step up (once you have restricted using the content to only programs you control) is to make those programs phone home and do some kind of check before allowing the content to be used. Done right, this can actually do something against those who violated your terms, while allowing legitimate uses.

And, of course, it all falls down once people start tinkering with the officially approved decoders. After all, that decoder can get at the actual content. If you can somehow get the content out, you will no longer need the officially approved decoder afterward. I think it is this kind of tinkering that "Trusted Computing" is intended to prevent.

Re:The Fallacy of DRM: a summary

>>Please correct me if I got my facts wrong.

I don't know where to begin...

Re:The Fallacy of DRM: a summary

[hughk]

Content publishers are less worried about the analog hole. There real worry is people getting hold of HD video feeds. Their problem is that it wouldn't be feasible to have a key per disk. Your device must somehow get the key into the TPM. The issue there is that it may be very difficult to get that first key but once you have it, then all content published until the key is revoked has been compromised. Getting the HDMI recorded aain is, I agree a possibility even though there is some kind of setup conversation to validate the display device, you would always be able to intercept it but that would need some interesting hardware and if manufactured, the content publishers could go after the manufacturer and seller, just as has happened with console mod chips.

In a perfect world, I'm saying that you could get something to probably work. In reality, I agree that it just ain't going to happen.

Re:The Fallacy of DRM: a summary

You start off with a straw man ("DRM and encryption are not the same thing" -- the parent never said they were), and then you go off at a total tangent and expertly get every single thing wrong.

The key point that was made here seems to have eluded you entirely. And elementary logical discourse isn't doing any better.

Re:The Fallacy of DRM: a summary

Oh, dear.

I'd correct any facts you got wrong if you actually managed to state any facts.

You didn't.

You tried to state one, in the beginning, where you said "DRM and encryption are not the same thing.", but that's not a fact, that's a misunderstanding on your part.

After that you spent most of your post proving that you have no actual knowledge regarding how these things work.

At all.

So it went downhill from a bad start.

May I suggest that you read up on things (for real) before attempting further posts trying to explain things to others? Misinformation is worse than lack of information, after all, and you wouldn't want to contribute to that, now, would you?

EU law?

[jopsen]

I maybe wrong, though I live in Europe, but I seam to remember that the EU creates directives and these directives are then later on implemented in member countries as local laws...

DRM design not the issue

[Isao]

If the DRM is well-designed, the "secret" need only ever be known by a handful of people.

This is often the point of confusion. DRM cannot be completely effective, ever. DRM-protected content fundamentally requires three things be given to the end-user: A method of keeping the content controlled, a key to allow that content to be made available to the end-user, and the secured content itself. No matter how well-designed the lock, the publisher has to give the end-user the key for it to be used. Any further restrictions are simply enough smoke and mirrors to limit what a typical user can do. In the hands of a technologist, those distractions are ignored, and the unlocked content can be made available. I leave it to the /. community to provide counter-examples for each possible use-case.

new approach

[katman4]

could software certificates be used for this? Like in email. Get a free certificate from a certain company identifying you as George Bush and whenever you get new music online the system sends the data about your identification to let's say Itunes. If you are George Bush then you get the content, if you ain't you don't. Would this be feasible?

Re:new approach

[Yoozer]

could software certificates be used for this?

No.

Get a free certificate from a certain company identifying you as George Bush

There's the first problem. Who says the company is to be trusted?

If you are George Bush then you get the content, if you ain't you don't.

How do they know you are who you say you are? Before you think of biometric ID; passwords can be changed when compromised, fingerprints can't.

Re:new approach

[SlashIan]

God no!

A) I don't want these companies knowing what I'm buying regardless of what it is.
B) How would I securely store it? What would prevent someone stealing and using it?
C) How would I get a replacement if I lost it? And see B)

Standardized restrictions?

[WoollyMittens]

If you standardize DRM, the materials which the content providers are trying to control will have to work anywhere and all the time. This by the very definition is NOT what DRM is about. It is about managed access, not universal access. A standardized DRM scheme would be just as useful to the content providers as MP3.

Re:Standardized restrictions?

[Hymer]

...and that would be very good for the customers... that is you and me and everybody else.

Re:Standardized restrictions?

[1.000.000]

Which is why it's great that the EU is going to force it upon the content providers. Either they can choose no DRM og they must choose standardized DRM. Its a win-win for the European consumer.

But is it then as interesting to their supporters?

[Jugalator]

I wonder if DRM isn't used a lot just because it locks out the competition. It certainly seems like a strategy beyond encryption and copy(right) protection at least, where Apple has strongly opposed opening up their DRM method, and even more visibly with Microsoft suddenly switching to a new form of DRM in the Zune Marketplace and in the process making Zune players incompatible with their old PlaysForSure encryption. I doubt it was because they thought PlaysForSure used a too weak encryption. :-p

Do it "right"?

[tkrotchko]

"And if the industry is forced to get their act together and actually do it right,"

Presumably, the BluRay/HD-DVD people had their act together and did it right. How did that work out?

To be fair to our lords and masters.

[supersnail]

To be fair to the eurocrats up the road it looks like they are attempting to acheive two very reasonable objectives.

One -- get rid of the current absurd situation where distribution companies have a license to distribute in a single european country but not the rest of the EU. IE the Polish licensee is only licensed to sell CDs in Poland and would be breaking thier license agreement by mailing a CD to someone in Germany.

Two -- if distributors insist on DRM then there should be a conistent legal framework throughout the EU. Currently some types of copying are legal in some countries but not in others.

Yes, this is about iTunes

[Marcion]

Yes, this is about itunes offering different prices in different EU countries. The EU is supposed to have a single market, which means someone in the UK should be allowed to buy songs from the German iTunes store if it is cheaper, but Apple don't want you to.

XEROX

[sm62704]

In a related note, Doubleday and other tree killers (take THAT you dirty hippies) are working with the US Congress, th eUK House of Lords (Prayer), and the Canadian government (The Canadian Hockey League) to enact legislation forcing the WTO (Wild Teenaged Orgy) to standardize DRM (Dumb Restrictions on Media) (note, there are some redacted passages in the DRM article that you must highlight to read) to include their wares as well as the Music And Film Association of America (MAFIAA).

The proposed legislation will require that all Xerox machines be copy protected.

-mcgrew

I got your standard DRM right here.

[seeker_1us]

As in NO DRM is a standard. Digital Restrictions Management is a stupid idea from the get go.

I for one would be OK with this

[hibiki_r]

If this DRM system used a similar scheme as RFC 3514. This RFC has been extensively discussed before in Slashdot. A DRM implementation based on the same concept would keep all the open source community happy, while providing the standardization the EU recommends.

Re:I for one would be OK with this

[Secrity]

RFC3514 compliance would be a very bad thing as it could result in DRM that would be more difficult to break, and it could make DRM acceptable to too many people. It is MUCH better to have fragile, onerous DRM right now so that it can be easily broken and so that it will piss off enough people so that DRM is abandoned as being unworkable.

Re:I for one would be OK with this

[argent]

http://scarydevil.com/~peter/io/drm2.html

European Comission

[Aceticon]

As usual, it's the European Commission that's behind "industry friendly" (read, big companies with loads of $$$ and many lobbyists in Brussels) legislation.

Those are the same guys that tried to push software patents in Europe even though the European Parliament voted against them and everybody but a couple of the biggest IT companies was against it.

Interestingly enough, the members of the European Commission are not elected to their post but instead are nominated by national governments ....

PS: I really like the EU concept. Actually, i am where i am (physically and financially) because of the EU. However, until the unelected powers inside the EU political infrastructure are removed, the current structure will remain flawed and prone to serve the hidden agendas of wealthy individuals and companies instead of serving the European citizens.

Re:But is it then as interesting to their supporte

[RAMMS+EIN]

http://inglorion.net/documents/essays/vorbis-microsoft-apple/

If done correctly...? thats the point, it can't be

[hAckz0r]

Sorry, but there is no such thing. As the parent was saying, DRM is 'illogical', meaning that there is no amount of computer logic that can lock up something while simultaneously giving it to you. Check list: media, check; DRM key, check; DRM algorithm, check. So, whats missing? Only the time and motivation. I will remind you it only takes one motivated person to break it. It won't be me, I don't do that kind of thing outside of work, but then I also personally know and/or work with dozens of people that would be just as capable. Its not rocket science, you just need to know how to use the proper tools.

Trusted channels do not exist except in the minds of some wishful thinkers. The only way to have a true DRM is to have the media and player all in one black box enabled with a big self destruct anti-tamper device surrounding it. Even then I would question its ability to keep me out of it. If you suggest that there could be DRM on any general purpose machine that isn't subject to reverse engineering tools, RootKits, Virtualization, and custom device drivers then I'd like an account on that machine. Nothing, on any machine I have ever used could keep me from reading any byte in memory I choose if I have physical access to it. Given that nothing is safe that resides in its memory just where is this trusted channel going to exist?

That's not much use here!

[janrinok]

There are already printers that refuse to print images of dollars.

And how, exactly, will that be accomplished worldwide. Do these machines refuse to print any currency? Nope, I thought not. And my printer has no problem reproducing dollars, sterling, euros or whatever. So what value do the restricted machines have that makes them more desireable than the one that I use now? Probably nothing at all, in which case they will not be bought.

And just for my own interest, can you tell me the make and the model of the printer that refuses to print dollars?

Re:That's not much use here!

[SharpFang]

Not worldwide just in Europe, through legislation. No unapproved devices can be imported, built, used etc.

Yeah, it's crazy. But it's possible.

Re:That's not much use here!

http://imagechan.org/img/img.php?id=4106

Re:That's not much use here!

[janrinok]

Possible - but it will not happen because it cannot be effective. We have copyright protection in Europe, but there is probably as much P2P copying in Europe as elsewhere. There are lots of crimes that are legislated against, but they all occur in Europe. I, along with friends, built my first computer (8080 with 8k (k!) of memory in the early 1980s. Not from a kit, we designed it and built it from components. Printers require perhaps a few more specialist components but that doesn't mean they cannot be built. Legislate away, it will not stop computers - or printers - from being built.

Re:If done correctly...? thats the point, it can't

[hughk]

Thats what the TPM is for. Compromising that is quite difficult, although admittedly not impossible. It is the TPM that can tell what booted, whether the original trusted system or a VM hypervisor. The only way to get at the key would then be to sniff the datalines. The Vista approach is put everything up in ring 0 with protection (and a nice big CPU cost to run it). Of course, that is with an ideal world. The reality is that no computer can be a sealed black box, with all those updates coming down from Microsoft, maintain the trusted signatures across all elements that need to be trusted would be IMHO very, very difficult.

As for the so called black box, well we already see it with systems that wipe the key should you attempt to open the case. Unless the kit is military, this is possible to get around but not trivial.

You can't "open up" DRM.

[argent]

An open copy protection scheme is a contradiction in terms. There's basically two ways to make copy protection work: create a closed system that prevents users from running their own software as a peer to the copy protection scheme, or use obfuscation to keep attackers from figuring out where the keys are stored.

Microsoft's DRM depends on Windows Media Player using obfuscation to hide the keys, and on the OS (as of Windows Media Player 9, in Windows XP, and more so in Vista) preventing users from interfering with the DRM software. third-party Windows Media hardware is pretty much required by Microsoft to be closed.

Apple's DRM is more on the "honor system", but it still depends on obfuscation in iTunes and the iPod and the iPod being a closed system.

What you say?

[Safety+Cap]

~ many artists are not song writers and composers.

I'm assuming we're talking about musicians. FYI, many of them actually write their own stuff. But let's say that you are right.

If that is the case, did you consider that maybe the musicians would have to pay the composers/writers in order to use their stuff? Are you assuming that composers actually work for free--or that under the current system, the RIAAbots actually pay these people much of anything?

Re:What you say?

[init100]

If that is the case, did you consider that maybe the musicians would have to pay the composers/writers in order to use their stuff?

Of course, I just feel like the people behind the artist should get a little more recognition for their work. A very large majority of the focus is on the artist (the singer/performer), and I'm just reminding people that there are other people that needs to get paid too. I wouldn't want the performer to put the entire income into his pocket, but make sure that the other people involved get their cut. Since this function has been provided by the record company, I just hope that artists rolling their own remember to do this.

drm

[ihatethetv]

We need to terraform mars, and do it RIGHT this time. -g