Slashdot Mirror
Open Source DRM Solutions?
Feint writes "I'm working on an business platform for inter-company collaboration based on an open source software stack. As part of that platform I would like to integrate some sort of digital rights management for the documents in the system. The vast majority of articles about DRM are focused how good or evil it is to apply DRM to digital music or video. I haven't seen many articles address open source solutions for protecting business data like CAD / MS Office / PDF / etc. documents, which is a real need in business today. Can the Slashdot readership suggest some open source DRM offerings other than the Sun DReaM initiative, which hasn't had a release since Jan. 2007?"
If it's open source, you can change it thus disabling any protection it might offer unless it's some hardware-backed signing. The system isn't designed for it either, just removing all the ways you could dump the information anyway would be big job. Just get Vista if you want an end-to-end DRM stack. In short, you want to give someone the DRM'd file, the instrcutions on how the DRM works and still want them to be unable to decode it on their own, bypassing any DRM? Not going to happen.
Live today, because you never know what tomorrow brings
You need to go find out what DRM is.
DRM is about Alice/Bob/Eve cryptography where Bob and Eve are the same person. All DRM tries to work by hiding the Implementation - Universally, it fails.
Open source is about revealing the implementation.
OpenDRM. Just say Huh?!
Prediction for end of Universe #42: Fencepost error in Quantum_bogosort.cpp
You work by yourself, don't you? :-)
"trusted computing" nonsense won't change anything. It's just another pile of inconvenience for the paying users that will be snipped out entirely for the bittorrent version. Sony and Microsoft have been doing their best to build tamper-proof encryption-based hardware systems (playstation and xbox series), and they're all defeated by a modchip soldered onto the motherboard - you let the tamper-proof hardware do its thing and decrypt the data, then you snoop the data right off the memory bus on its way back from the chip.
Hardware is no harder to attack than software, it just needs different tools. DRM cannot ever work.
You're being highly inaccurate. Your definition of "work" is "work perfectly". This is not the aim of DRM. DRM aims to make it difficult to copy stuff around.
I'm not aware of a mod-chip for the PS3. Your summary of how mod-chips work is incorrect anyway. And there isn't an off-chip bus carrying unencrypted data around on a real TCP. Get a clue.
Sure, maybe a million-dollar lab can open the chip inside a suitable vacuum and snoop the internal busses; for most people that's out of range, and the kind of people who run million-dollar labs don't tend to allow their use just to warez the latest game.
There's a clear economic message here - can you see it yet? When the cost of breaking DRM is higher than the profit to be made, DRM wins. It doesn't have to be perfect.
Now get with the program - DRM is a clear and present danger to our way of life. Don't sleepwalk into it.
There is a fundamental technical problem with DRM which can't be solved that others have said before in various forms, so I can't claim this as my own:
Encryption is all about securing data so you can send it safely from A to C without B being able to read it. The problem with DRM is that B and C are the same person.
This reality will _never_ change despite what technology is being used. In order for our senses to comprehend the signal or heck even if it were sent as a direct data stream to our brain--the man in the middle is us and we can, if we so choose, mold that stream into whatever we want.