Open Source DRM Solutions?

Feint writes "I'm working on an business platform for inter-company collaboration based on an open source software stack. As part of that platform I would like to integrate some sort of digital rights management for the documents in the system. The vast majority of articles about DRM are focused how good or evil it is to apply DRM to digital music or video. I haven't seen many articles address open source solutions for protecting business data like CAD / MS Office / PDF / etc. documents, which is a real need in business today. Can the Slashdot readership suggest some open source DRM offerings other than the Sun DReaM initiative, which hasn't had a release since Jan. 2007?"

We call it...

Public key cryptography. It won't protect work from being copied, but that's an endless battle anyways until the trusted computing platform is mainstream.

Re:We call it...

[asuffield]

but that's an endless battle anyways until the trusted computing platform is mainstream

"trusted computing" nonsense won't change anything. It's just another pile of inconvenience for the paying users that will be snipped out entirely for the bittorrent version. Sony and Microsoft have been doing their best to build tamper-proof encryption-based hardware systems (playstation and xbox series), and they're all defeated by a modchip soldered onto the motherboard - you let the tamper-proof hardware do its thing and decrypt the data, then you snoop the data right off the memory bus on its way back from the chip.

Hardware is no harder to attack than software, it just needs different tools. DRM cannot ever work.

Re:We call it...

You're being highly inaccurate. Your definition of "work" is "work perfectly". This is not the aim of DRM. DRM aims to make it difficult to copy stuff around.

I'm not aware of a mod-chip for the PS3. Your summary of how mod-chips work is incorrect anyway. And there isn't an off-chip bus carrying unencrypted data around on a real TCP. Get a clue.

Sure, maybe a million-dollar lab can open the chip inside a suitable vacuum and snoop the internal busses; for most people that's out of range, and the kind of people who run million-dollar labs don't tend to allow their use just to warez the latest game.

There's a clear economic message here - can you see it yet? When the cost of breaking DRM is higher than the profit to be made, DRM wins. It doesn't have to be perfect.

Now get with the program - DRM is a clear and present danger to our way of life. Don't sleepwalk into it.

Re:We call it...

[Marcion]

The problem with DRM is that it is a narrow technical solution to an wide ranging, largely non-technical, problem.

There's a clear economic message here - can you see it yet? When the cost of breaking DRM is higher than the profit to be made, DRM wins. It doesn't have to be perfect.

Well it allows DRM vendors to sell DRM systems. The technical difficulty of breaking DRM has to be higher than the average executive at a record company.

However, there are at least four aspects to the problems for DRM to actually work as you have described, i.e. as 'resistance' that stops the kids from copying enough for them to get on the bus, queue at a checkout and go home again.
1. Politics: The majority of people don't believe in the propaganda of the content industries. Even those that think they do, don't appear able to act on their beliefs.
2. Communication: You only have to break it once, then the means of circumvention can be spread at the speed of Ethernet.
3. Physics: It is harder and slower to build and deploy restrictions than destroy them.
4. Sociology: The productivity of a grown-up working in an office with paperwork, clocking out at 5, family commitments etc, is far lower than some dedicated student working 24 hours per day to get their Blue-ray player to 'work'.

Re:We call it...

[DHalcyon]

Aditionally, at some point, people will just not put up with that nonsense anymore - with HDDVD players refusing to work with projectors or whatever because one little detail in the HDCP chain isn't exactly right, and other horror stories like this.

The alternative is easier nowadays: Piracy - It Just Works. With sites like ThePirateBay and easy to use Bittorrent clients like uTorrent and the likes, and with fast net connections, pirating HD content is seriously becoming easier for average users than getting it in a legit way.

Re:We call it...

[oliderid]

Well it allows DRM vendors to sell DRM systems. The technical difficulty of breaking DRM has to be higher than the average executive at a record company.

As soon as your encrypted file is transformed into sound (good old analog sound). I can copy it. The quality loss can become almost insignificant (for most people IMHO) if you have a relative good installation.
kids will soon rediscover what we used to do with K7 and other Analog medium if numeric-to-numeric copy becomes too hard. it will be numeric-analog-numeric.

It does mean that your DRM song shouldn't produce any sound in order to be 100% safe. IMHO

Re:We call it...

[div_2n]

There is a fundamental technical problem with DRM which can't be solved that others have said before in various forms, so I can't claim this as my own:

Encryption is all about securing data so you can send it safely from A to C without B being able to read it. The problem with DRM is that B and C are the same person.

This reality will _never_ change despite what technology is being used. In order for our senses to comprehend the signal or heck even if it were sent as a direct data stream to our brain--the man in the middle is us and we can, if we so choose, mold that stream into whatever we want.

Re:We call it...

[rwiggers]

wrong. B and C are not the same person. C is the instruction or data path of the processor solely. B (the user) is not intended to have access to the plain text, only to a processed output. Of course, if the processed output is the data itself (video or audio, for example), it gets complicated.

Open Source DRM?

No.

I'm sure we could

[Improv]

I'm sure some of us could, but why would we want to? Design our own prison? Encumber data? Stop whistleblowers?

Re:I'm sure we could

[s4m7]

Well, that's the rub isn't it, OSS being conceptually antithetical to DRM. Most open source licenses (hi BSD guys) require contributing your own work back to the collective good.

I second the earlier idea that encrypting your data is the best option, and submit for review the existence of libcrypt as an efficient means of accomplishing said goal.

Re:I'm sure we could

[teh+kurisu]

The whole DRM-idea is about "sharing" data (documents, music, video, ...), but with the sharer imposing usage restrictions on the shared data. That's where "information wants to be free".

So when you share your name, address and credit card number (commonly considered 'personal data') with Amazon, under the 'information wants to be free' principle they can share it with whoever they want?

When you share your passport, National Insurance and driver's licence numbers, family details and NHS numbers with the MoD when you apply to join the armed forces, it's not such a big issue if they then (inadvertently) share it with the public?

The vast majority of your personal data will be shared with some person, company or organisation at some point. That's the whole point of having personal data in the first place. It then stands to reason that the definition of 'privacy' is that it is not then shared any further.

Unclear On The Concept of "Open?"

[Jeremiah+Cornelius]

Hey, Guys! I want some help too!

Do we have open-source Tasers? I'm also after open-source software to rig voting machines.

I look in freshmeat and SourceForge - but they mostly seem to be oriented to freeing people, not locking 'em up.

Re:Unclear On The Concept of "Open?"

[Hognoxious]

Too bad for you I've *patented* the idea of open sourcing tasers a long time ago.

Don't sue me, bro!

Why not simple passwords?

[Nemilar]

Passwords can be applied in any number of ways. You can base it on pgp keys, if you want to limit the specific people who have access to the documents; or, you can do a one-size-fits-all solution, just applying a password to a file, and giving that password to those who need access.

Re:Why not simple passwords?

[cp.tar]

Passwords can be applied in any number of ways. You can base it on pgp keys, if you want to limit the specific people who have access to the documents; or, you can do a one-size-fits-all solution, just applying a password to a file, and giving that password to those who need access.

Recently I was considering a solution to a professional problem that included some sort of DRM[1], albeit of a temporary sort.

As a part-time translator, I have in several occasions worked for people who got their translations, but failed to pay up. Some of my colleagues have had even worse problems of that sort.

The idea was, if they don't pay, have the file self-encrypt or self-destruct. Of course, since they could easily just copy and paste the contents in a new document, all this is really moot. Actually, the more ideas people suggested, the more things I found to be inherently wrong, avoidable or circumventable.

And it had all started with my friend's story about his friend, who set up the lighting in a night club. When the owner failed to pay up, he drove by on a Friday night, pulled out a remote and turned everything off. Then he was suddenly unavailable for the weekend; when the club owner finally reached him, the guy reminded him that since he failed to pay, he was feeling no pressure to "do the necessary repairs". When he was paid in full, he simply removed the whole circuit, re-connected the stuff and went merrily on his way.
Had the club owner not tried to cheat him, he would never have stepped into that trap; since he had, he did. And I'd like something like that in software: unless you mess with me, you'll never see it.

This differs from the traditional DRM in that it does not presume many copies of the file made; you translate for one client at a time, and just want them to pay up when the job is done. Whatever they do afterwards is none of your business.

I'm still thinking about the ways to implement something like that, but so far I've been out of my depth.
Ah, well. We'll just have to learn to fight another way.

[1] as much as I oppose the very idea.

It's an oxymoron

[Kjella]

If it's open source, you can change it thus disabling any protection it might offer unless it's some hardware-backed signing. The system isn't designed for it either, just removing all the ways you could dump the information anyway would be big job. Just get Vista if you want an end-to-end DRM stack. In short, you want to give someone the DRM'd file, the instrcutions on how the DRM works and still want them to be unable to decode it on their own, bypassing any DRM? Not going to happen.

Re:It's an oxymoron

[msuarezalvarez]

You are making the same mistake that people who insist on coming up with DRM schemes make...

A DRM scheme is an attempt at giving someone the encrypted file and the decription key, with the intent of protecting the content against that precise someone. GPG, on the other hand, is a scheme which attempts to protect the encrypted files from those who do not have the decription key.

It is not that difficult, really...

Re:It's an oxymoron

[david_thornley]

DRM is a twisted variant of crypto. If Alice sends a message to Bob using GPG, Eve can't read it because she doesn't have the key. In this case, Bob is the intended recipient, and Eve is the unintended recipient. In the case of DRM, Alice encrypts software and gives it to Bob. So, if Alice doesn't give Bob the key, Bob can't use the software. If Alice does, then Bob can break the DRM, having both the key and the code.

So, in DRM, Bob and Eve are the same person. DRM is not only socially undesirable, it's sexually perverse.

Re:It's an oxymoron

[s4m7]

So, in DRM, Bob and Eve are the same person. DRM is not only socially undesirable, it's sexually perverse.

hey now, keep your Judeo-Christian mores to yourself. Some /. folk like the idea of Bob and Eve being the same person.

Re:It's an oxymoron

[wizardforce]

you assume I was ignorant of this, I was merely pointing out that there exists a system to keep those who don't have the key from decrypting the data. I didn't say *anything* about DRM being an option because as you said, DRM is the combination of encryption and the hiding of the key which is stupid on many levels. What I suggest is that if you want data to be unreadable by people who shouldn't have access then you must encrypt the data and keep the decryption key available to only the people you want to have access- hiding it in software doesn't work.

Re:It's an oxymoron

[Eivind]

The problem is -- with DRM the intended recipient and the potential attacker is THE SAME PERSON. Which is mathemathically impossible to solve using crypto.

Crypto works because you give the decryption-key to the intended recipient, but others don't know it, and can't easily guess it since it's a large random string.

But with DRM, you give the recipient the file *AND* the decryption-key, and then say: You may use this key to decrypt the file and display it on your screen; but not to decrypt it and print it on your printer ! (for example)

That is fundamentally impossible to enforce. The decryption-algorithm does not care what happens to the file AFTERWARDS.

Re:It's an oxymoron

[cgenman]

Gnu privacy guard and truecrypt both work on a fundamental level because there is an asymmetrical informational pathway. A key piece of information is missing, which keeps the information locked away. Similarly, the person who has all of the information to decrypt the information is completely trusted.

On a theoretical level, you can't both give an open-source program all of the information required to decrypt a stream, and still prevent it from decryping the stream in ways that you don't approve of. The end user has all of the information required to have full control over the process.

At some point hardware attachments may make open-source DRM possible by hiding some of the required information. Or we may reach some compromise of semi-open DRM. But until then, Open Source DRM appears to violate a fundamental law of information science, much like perpetual motion machines violate thermodynamics.

Talk about a contradiction in terms.

[robbak]

You need to go find out what DRM is.

DRM is about Alice/Bob/Eve cryptography where Bob and Eve are the same person. All DRM tries to work by hiding the Implementation - Universally, it fails.
Open source is about revealing the implementation.

OpenDRM. Just say Huh?!

Re:Talk about a contradiction in terms.

[KeyboardMonkey]

Tell him he's DReaMing.

Re:Talk about a contradiction in terms.

[Jugalator]

OpenDRM. Just say Huh?! OpenIPMP (it's even on SourceForge!) or PachyDRM?

Re:Talk about a contradiction in terms.

[dhavleak]

All DRM tries to work by hiding the Implementation - Universally, it fails. That's not true. Obfuscation is just one of the layers in any DRM system (and also in security in general). Relying on obfuscation alone is what's bad practice -- not the presence of obfuscation itself.

DRM technologies work on essentially the same principles as PGP. The content being protected will usually be encrypted/decrypted using a symmetric key. This key is then protected using PKI (i.e. the content key is encrypted using each user's private key) -- that's the key management part of it.

I do agree that given the open nature of open source, I don't see how it's possible to come up with a viable DRM stack. I mean, if someone comes up with a working implementation, the code is out there in the open, so it's dirt simple to just take that stack itself, remove all protection mechanisms from it, recompile, and now you can attach debuggers/plugins to your DRM-enabled application to capture the data once it's decrypted.

Isn't that an oxymoron?

[something_wicked_thi]

DRM is security through obscurity. If you have the code, you can break any DRM, so there's no point in developing open source DRM. It's also why all DRM eventually fails.

Use encryption if you want safety. But you still can't prevent the people who have legitimate access from doing whatever they want to the documents.

Re:Isn't that an oxymoron?

[explosivejared]

Use encryption if you want safety. But you still can't prevent the people who have legitimate access from doing whatever they want to the documents.

Unless, and I think this is what he is after, you hire a group of armed commandos/Stallman look-a-likes (to keep it open source) to detail every end user of your media. With a gun to the head... making decisions about media becomes much more serious business.

Open Source Stallman Commando: Don't even think about putting that in your shared folder! If this ends up on bittorrent, it's a 7.62mm round right to the groin!!!
User: Oh my god... please don't kill me... (gets hit with the butt of the commando's rifle)
Commando: One more word and I swear I pull the trigger!

I'm not sure, but that may be the most workable DRM solution anyone has ever come up with.

RE

I think the systems you're after are called Document Management Systems, like you'd find used for medical records under HIPAA.
The only open source system I am aware is OpenKM[http://www.openkm.com/].

You're probably in for a disappointing search

[Weaselmancer]

Most people smart enough to program such a thing are also smart enough to know it can never work. People who do create/sell/push drm solutions are selling snake oil.

Your best bet is to use PGP and simply encrypt your data, and trade public keys with your intended recipients. And plan ahead - once someone can see it, assume they can always see it. The whole "revoking a key" bit is the snake oil part of DRM.

There is a precedent for open source DRM..

[Nemilar]

For all those who are saying "open source DRM" is an oxymoron, they should have a look at OpenIPMP, which is an open-source DRM solution for video formats. So there is a precedent for this kind of thing, although it may not be widely adopted.

Re:There is a precedent for open source DRM..

[evilviper]

For all those who are saying "open source DRM" is an oxymoron, they should have a look at OpenIPMP, which is an open-source DRM solution for video formats.

It is still an oxymoron.

If you see my comment posted shortly after yours, I mention OGG-S/Media-S. They are, at least, honest about their "open source" DRM system. In their FAQ they explain while it is GPL'd, you can buy a (closed-source) license so that it's anything other than a public-key encryption system. ergo: Open source DRM is an oxymoron.

Easy solution

How about trusting the people you give documents to?

Re:Easy solution

[EXMSFT]

You work by yourself, don't you? :-)

This coward is correct!

[TheMiddleRoad]

Public key is the way to go. Place the keys on smart cards or smart USB keys. Encrypt files individually, not just as volumes. OK, it'll be a pain in the ass. Maybe PGP Enterprise will help?

Yes, this exists

[Geoffreyerffoeg]

"DRM" is not the search term you want, though, and it is in fact not what you want for business documents. You just want to set up a public-key infrastructure (PKI) and make sure people protect their private keys. This can be done by OpenPGP, GnuPG, etc.

DRM makes it hard for people to leak a file. It does not spend very much effort, if any, on authenticating the initial owner of the file (for example, anyone who picks up a DVD can play it, although they can't copy it to a new DVD). In a business environment, you're usually far more worried about authenticating the file's recipient and making sure the original does not accidentally reach anyone else's computer, than about preventing a cooperative person from intentionally leaking the file. (In most cases, you do want to permit them to print, copy-and-paste, etc. the document. These would all be prevented by DRM because they all make it easy to leak the file.)

The other failing of DRM, as I'm sure you've seen discussed, is that it's crackable by mere cleverness. If you're going to permit someone to view a file on screen (or hear an audio clip over headphones), you can always take a screenshot (or recording) and leak that. HDCP and so forth make the screenshot harder, but nothing prevents you from pointing a camera at the TV. It will be low quality but it will be a leak. PKI, on the other hand, is only crackable by brute-force searches of the key space, or (unlikely though possible) sufficiently smart mathematicians.

DRM in a nutshell...

[evilviper]

DRM depends on proprietary software. You are encrypting a file, then giving the user the key to decode it, while telling the program in question to decode the file, but only allow it to be used in one of a few ways (eg. display PDF, but don't print).

Such a system is untenable with proprietary software (just need to find the right memory address), and absolutely impossible with open source software, as you can simply remove the line in the program that tells it what actions not to allow. (See xpdf). With proprietary DRM systems, the companies just hope it's difficult enough to decipher the compiled code of the proprietary programs, that it takes a while before someone finds the right spots in memory to probe/change, and publishes the details... Then, they make trivial changes to the DRM system, and call it a new, "fixed" version that everyone should start using quickly (before someone figures it out).

The only thing DRM can do effectively, is to prevent the first opening of the file. After you send that first key (eg. via server), no matter what the DRM involved, the user can (trivially) strip the DRM off, and do whatever they want with the unencrypted file.

If that is what you want... I would suggest using public-key encryption to protect the file instead of a commercial "DRM" system. Either PGP or SSL (keys in combination with a password) can make absolutely sure only the intended recipient can make use of the file, even if others obtain copies of it. If you are expecting any more control over what others do with the file, you are simply denying reality.

All that said, here is one open source DRM system: http://www.sidespace.com/products/oggs/

Have we not discussed this before?

[Zombie+Ryushu]

We have had this discussion. There is no legitimate use for DRM. It has no right to exist. I have told people this before. DRM does not improve the security of corporate networks. Thats not what it is meant to do. DRM has just one purpose. to deprive people of the right to use the computers they own as they see fit. Securing documents and sensitive company data is to use good security practices. IPSec, Kerberos, PKI, that kind of thing.

Point. Learn good computer security practices.

I want DRM to dissappear from this world forever/

Re:Have we not discussed this before?

[msuarezalvarez]

What you want is those medical records/taxes/bank records encrypted or otherwise secured. DRM is a very specific thing which is not that.

Convince your business not to waste the money.

[jddj]

Here's what's become my business-side take on DRM: don't bother.

DRM systems set the bar too high for honest users who just need to get some work done, and too low for malicious users.

Corporate espionage in mind? Just make screen-captures. That won't work? Digital camera, anyone?

You can't make it work, principally because there's no way to both show and not show the same document to an end user. The security is only as good as your trusted users are.

You can also appeal to reason on financial grounds: the Hollywood studios are extremely motivated to make DRM work, have pored in millions and haven't hit on anything at all that prevents piracy.

If they can't do it, you probably can't either, and should probably focus on differentiating your content by making it sticky and extremely easy to use.

Re:Convince your business not to waste the money.

[jddj]

Sticky as in "get the eyeballs stuck firmly to the content". That could mean a lot of different things depending upon the content that someone's trying to protect.

In the case of a web site, it could mean going from a login business model to an ad-supported model; with your content in the open instead of hidden behind a login, users are free to fall in love with it and return daily.

In the case of an analyst report, it could mean that instead of trying to protect the report to the hilt, you instead use wide adoption of the open report to position your firm as experts in the field, thus to sell seminars, training, consulting.

You can't use stickiness to fix the problem with every type of content (sensitive internal financial documents? Yeah, you probably don't want them sticky, but with or without DRM, what are you doing distributing those to anyone you don't trust completely?)

The idea with stickiness is that you make users adhere to the content, return to your site, your business, etc.

Minimal DRM

[Repton]

There's basically two kinds of DRM in the world: DRM that's been broken and DRM that no one has cared to break.

So, that said, here's some python DRM you can use which I am releasing into the public domain:

def issue_licence(filename, from_date, to_date):
_f = open("%s.key" % filename, 'wb')
_pickle.dump((from_date, to_date), f)
_f.close()

def check_licence(filename):
_try:
__(from_date, to_date) = pickle.load(open("%s.key" % filename))
_except IOError:
__return False
_return from_date <= datetime.date.today() <= to_date

(replace _ with spaces)

Oh brother, not this again

[dmorelli]

Cory Doctorow was been over this a couple of years ago when Sun came up with the (I'm guessing abandoned) idea of an Open Source DRM. Here, go read why it's oxymoronic: DRM != SSL

Any protection scheme where your customer and your attacker are the same party, doomed to failure, IMO.

Do not buy any DRM-encumbered products. Make a statement about this by not participating.

Open Source ECM

[smerkel]

You should also check out http://www.alfresco.com/. It was started by some of the founders of Documentum and Interwoven. It does some interesting Enterprise Content Management foo, which may be of use to you.

Too busy

[VampireByte]

Why would anyone want to defer from working on their open source poison that causes slow-and-painful death for cute puppies?

Re:Too busy

[Creepy+Crawler]

What? The tazers or the voting machines?

And if you WANT more...

[Ayanami+Rei]

... I suggest you put your wallet back in your pocket, and don't spend any more money on consultants, software, or IT staff hours spent configuring the free and non-free stuff in furtherance of your goals.

Instead you should save your money and hire a lawyer instead who will draft up NDAs for you to have people sign in order to protect those documents/secrets you want tightly controlled.

Technical solutions will not cut it. They never will. You are throwing your money away.

Hire a lawyer, and only give the documents to people who ABSOLUTELY need it and is worth the time to get contracts involved with.

That is not logical.

[Quebec]

can we produce a black whiteness?
can we produce a filled emptyness?
can we produce a hard softness?
can we produce a rich poverty?
can we produce an Open DRM?

err... not really?

I understand what he wants....

[FlyingGuy]

In business there are things like trade secrets, documents, drawings and the like that you have to distribute to a jobber or some other outside entity to accomplish a task, but you really only want the outside entity to have them for the amount of time that they actually need them to get a task completed.

Typically this has been accomplished via NDA's or other legal agreements. It appears that in some instances they want more then a "promise" to destroy the information when it is no longer useful for the legitimate contracted purpose. Sort of like the old "This tape will self destruct in 10 seconds" gag from mission impossible.

The problem is that it really cannot be accomplished. You can use PGP or IronKey (tm) as others have suggested but that only prevents the material from being easily viewed by 3rd parties and does not address the "self destruct" desire.

I really cannot think of a way to make that happen. Every method that I can think of requires the destruct method to either be built into the data ( as a code block ) but even then something has to execute that code, and that is simply worked around.

It basically has to come down to trust. Either you trust the outside entities that you deal with or you don't. When I was in the military I had access to classified materials, and I was looked over from front to back top to bottom, my friends and neighbors were interviewed as well as my Principal from High School.

Sadly, I think the last 8 years of the current administration have re-enforced the notion of mistrust and it has found its way deep into the culture of corporate America.

Also note:

[SanityInAnarchy]

If the hardware signing is not controlled by the user, it's generally not considered Free Software, although it may well be open source.

But that is pretty much the only way to give someone the source, but not the content -- assuming you are trying to protect content. If you are trying to prevent people from copying your code, then you completely missed the point of "open source".

I would very much like to see a followup article, or a clarification, or some comment by the guy who made this post, to find out just what the living Hades he was thinking to come up with this idea. This is even worse than the last Ask Slashdot, where the guy was asking how to run a consolidated, distributed network -- also a contradiction in terms, except in a very limited context (something like Coda for a distributed FS, so there's no "servers")...

Maybe we're missing some context here? Because I'm going to have to cry if this is actually, say, an MBA who thinks "Open Source" is a good idea because he gets free labor and "DRM" is good because they need to "protect their rights," and why can't he have both?

Real World Scenarios

[chill]

Make absolutely certain the drawings being used on the production floor are the correct revision. I mean on terminals on the line. And make sure no one printed a copy for "convenience".

I.E. - Engineers and CAD designers are the only ones that can see pre-production drawings. Pre-production drawings are not accessible from line terminals, only engineering or conference room workstations. Line terminals can not print drawings, though they can print some other things. Line terminals and assembly people can't even open non-production documents.

Considering many electronics assembly shops have people on staff that used to (like, last week) work for a competitor the possibility of moles in real. So, prevent documents from being opened by non-authorized personnel. Prevent drawings from being printed, copied to removable media, etc.

I've had to deal with all of that in a manufacturing environment.

IBM TCPA

[chill]

If you're using systems with TCPA chips, then check out this overview and IBM's examples.

You need to define your business need first

[cheros]

Look, get DRM out of your head - I have yet to find a place for it, and I've only been in IT for 25 years, of which 15 in security. I have seen dongles (still in use in the CAD industry), I have seen floppy disks with laser holes (bypassed by TSRs), I have seen media with altered parameters (which neededs special drives: say hello to hardware maintenance hell), I have seen registration schemes..

You should really first see if the disadvantages outweigh the benefits, from what I read you're simply after some method to protect information from disclosure. Well, encrypt it. Just don't use any DRM related solution because you're inflicting a serial chain of single points of failures on your business, and it'll screw any backup and recovery strategy as well. Just don't. You really don't know just how much trouble you're heading for.

From the trenches (long)

[Chris+Johnson]

OK, I think I need to toss a post out (to the wolves!) because the way I make my living is deeply enmeshed in the whole DRM chaos. I've got an unusual approach (well- for the business I'm in) and it's worth explaining how it specifically works because it violates some assumptions and makes others.

I make a living selling copyable software which has no DRM or copy protection, so I'm taking a bunch of time to explain how I'm doing that in the hopes Slashdot minds will find it interesting. This isn't hypothetical, it pays my bills. I'm betting it will continue to do so...

The software is mostly plugins for Logic etc. (Audio Unit format) but I'm also getting some other tools together like an animation program. This isn't free software- I'll talk pretty freely about how I do what I do but I don't distribute the code, and I pick some software products to give away at no cost and other products to sell, never for more than $60 before VAT etc. (lots of my sales are overseas, I'm in the USA)

Almost every (every?) commercial plug-in maker uses DRM, sometimes insanely intrusive stuff. There's stuff that has to dial home in order to be 'authorized' and you only get 3 or 4 goes before it is shut off, there's stuff that uses one of several dongles (iLok is the most common but there are others), etc.

I use NOTHING- once you have the plugin, I expect you to use it, back it up for safe keeping, use it on whichever computers you need it, including the new Logic nodes for DAW clustering that Apple's come up with. There isn't a line of code in there to take the plugin away from you, ever. It's a matter of principle.

At the same time, I expect people not to copy these to their friends, put them on websites, anything like that. You are only supposed to get them from me. It's done through a variation on DRM by Kagi Shareware, who are my store-runners: they have a thing they'd like to see people use more, called Kagi's Digital Download Service. This could be open source if people wanted one like it- how it works is, a purchaser is given a temporary download URL. It's open for X downloads or X days and then it's no longer valid, so if someone posted one of these somewhere it would go dead quickly. The neat thing is, if there's a problem and someone emails me I can check my copies of the Kagi receipts, and see if a sale went through. If it did- the reply email contains a copy of the thing they bought- I don't have to wait for Kagi's systems to be fixed, because the customer only needs the plugin, not access to some authorization server.

This brings me to my point about DRM, one I take very seriously- I've been thinking about this for some time having been a Slashdotter from way back. (that's easily proved, at any rate ;) )

There are two ways you can get a person to do something- push them or entice them. DRM is strictly push-ville. The big assumption you make there is that the enticement is basically infinite- the person MUST buy your thing, or steal it, so it's all about getting really tough with them to compel them not to steal it.

I make a different assumption, and it's paying my mortgage. I may not be putting out lots of open source code (though anyone from an OSS project wishing audio tips is welcome to talk with me endlessly) but I assume the person must CHOOSE to buy your thing or steal it.

No matter who it is, they still must choose. It doesn't matter if they're 14, have never bought something before, and have found my stuff on an FTP site somewhere- even if the choice seems compellingly obvious, people CHOOSE to copy stuff that's not intended to be copied. (to use the non-thief terminology)

I get to make choices as well. For instance, current law is very friendly to me talking to such an FTP site and telling them, please remove those files now. It's easy to monitor, they'd have no real leg to stand on, and I'd be entitled to want that done since it's my stuff.

The site itself CHOOSES to include my stuff (if they can get it) or not to bother- or