Slashdot Mirror
Open-Source DRM Ready To Take On Big Guns
Barence writes "An open-source digital rights management (DRM) scheme says it's ready to supplant Apple and Microsoft as the world's leading copy protection solution. Marlin, which is backed by companies such as Sony and Samsung, has just announced a new partner program that aims to drive the DRM system into more consumer devices. 'It works in a way that doesn't hold consumers hostage,' Talal Shamoon told PC Pro. 'It allows you to protect and share content in the home, in a way that people own the content, not the devices.' When asked about the biggest problem of DRM — that customers hate it — he argued that 'the biggest problem with DRM is people have implemented it badly. Make DRM invisible and people will use it.'"
I don't get it... If DRM works, it restricts what you do. If it restricts what you do, it's not inivisible. How is this implementation different from any other DRM?
Bow-ties are cool.
Like it or not DRM restricts what you can do with your files. When you try to do something the copyright holders have forbidden, even the best DRM system will be plenty visible.
Give me Classic Slashdot or give me death!
You can never make DRM invisible, since people are illegally sharing video and music files all the time today. If the point of DRM is to protect the content from being pirated, making it invisible to users will completely nullify its' original intent.
Attention all planets of the Solar Federation! We have assumed control! - Neil Peart
And that's by not having it at all.
I don't buy products with DRM, no matter how much they've tried to make it non-intrusive for me.
And backed by Sony? That puts it on my personal blacklist right away.
...allowing users to share content between any Marlin-enabled device in the home rather than on specific machines. "It works in a way that doesn't hold consumers hostage,"
So long as Marlin stays in business, and every device you want your music on is a Marlin device. So, if Marlin goes under and your computer crashes, you're out of luck?
"Make surveillance invisible and people won't object to it!"
Still, the implementation details would be interesting. How quickly will this be broken? Probably before it ever gets popular.
1. It can never deprive me of my media.
2. It can not restrict what devices I use my media on.
3. It can not restrict the storage format of the media.
In other words it is impossible.
Heck I do believe that copyright infringement is wrong. I just refuse to pay the price for others breaking the law.
See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
The article doesn't seem to be very clear.
Will this mean I'll have to buy a new TV set, a new stereo receiver, a new DVD player, a new Cellphone, a new car stereo and reconfigure all of my PCs to be "Merlin enabled"?
Probably not, since whenever someone claims it will be "more difficult to circumvent then current DRM schemes", that seems to be a challenge to some of the more clever programmers to break it.
The Internet is generally stupid
They don't mean invisible to everyone. They mean invisible to people who aren't breaking the law. Frankly, that's good enough for me, in this case; if it doesn't interfere with my legitimate use of a game or my music, I don't have a real problem with it. Yeah, it'd be nice if DRM weren't necessary, but when you get right down to it, most people will steal digital media (as opposed to physical media) when they think they can get away with it. I'm not going to debate whether that's morally wrong or not, but it IS against the law.
Now, of course, I'm not convinced this company is going to be successful in creating effective DRM that doesn't interfere with legitimate use, but it'd be interesting if they managed it.
One could make the argument that DRM, by its very nature, holds consumers hostage.
Also, I wonder how many slashdotters will be won over by the fact that this implementation is open-source. I'm sure it might make some feel warm and fuzzy inside, but not me.
Let's not open source a turd...
The biggest problem with DRM isn't that people hate it while they're using it. It's that they REALLY hate it when the company they bought their music/movies/games from turns their entire collection of "owned" content to dust because the company got tired of running their DRM servers.
SJW: Someone who has run out of real oppression, and has to fake it.
"It works in a way that doesn't hold consumers hostage"
But that's the point of DRM - the content distributor gets to decide what happens to the content, not the consumer. Your purchased content is held hostage to the whims of the distributor. That's the point of DRM.
For an encore this guy will sell airplanes without wings that keep you safely on the ground, bladless knifes without handles, and a bucket of jumbo shrimp.
Weaselmancer
rediculous.
Just think what you'd need to do to bypass it:
Original Source:
bool isLicenceValid()
{
(Implementation goes here)
}
"Hacked" Source:
bool isLicenceValid()
{
return true;
}
Job done :)
Summation 2
If it's open source, then I can go in, change the code and bypass the whole kit-n-kaboodle, right?
Beer is proof that God loves us and wants us to be happy.
Based on their description, they seem to have built it from a better understanding of the human psychology WRT ownership of property. Most people instinctively believe that they own their music and movies and that their personal use shouldn't be restricted. This DRM seems to operate on the basis of restricting the ability to playback the content to the devices controlled by a customer, not to a set number of devices.
If this article turns out to be mostly right, it's a positive step. It recognizes the fact that most people will never get why it's infringement to share a CD or DVD across a family. So, the solution, is to focus more on how one user might give the data to a user that shouldn't receive it, than to focus on locking up the user's practical enjoyment of the product.
The key to making DRM work is to back off the user's day-to-day playback, and focus on making it so that devices won't receive content from users that don't have permission to give it to them. That's what copyright was created for: to prevent unauthorized reproductions, not tell the user exactly how they will use the IP once they buy it.
"With Marlin, any device that runs Marlin can run content on the home domain," he adds. "It's a level playing field [for manufacturers] - they don't have to go up to Redmond with a begging bowl or suck up to Steve Jobs."
So, open source DRM that works well (only) with other hardware also running the same DRM? Don't we already have that? How is this new, or better? The only thing I can see is that, vis-a-vis it being open source, it could be circumvented easier.
That's not quite right. Yes, the biggest problem with DRM is people have implemented it badly. The solution, though, is to make DRM out in the forefront of the feature list and make the DRM HELPFUL and CONVENIENT to users. Making it invisible will show that the companies are trying to hide something. Steam is always brought up as an example of good DRM. People know there's DRM on it but nobody minds because it's actually useful and makes it easy to transfer the games you've bought over to other computers quicker and easier than if you had an actual disk. Make is useful and people will use it.
Don't trust a bull's horn, a doberman's tooth, a runaway horse or me.
Doesn't the latest revision of the GPL specifically prohibit DRM?
So I assume (withot RTFA of course) that the source to this DRM is published, but it isn't GPL 3? Is it GPL 2 or some pseudo "open source"?
Dumb Restrictions on Media can use any license it wants, I want no part of it. Anyone who has anything to do with DRM is either ignorant or a fraud, and I really don't like doing business with the ignorant or with frauds.
When information isn't free, neither are you. I think I'll make that my new sig.
Free Martian Whores!
No, plenty of people who aren't pirates complain, in my case it's a self fulfilling prophesy.
I didn't use to pirate, but then they took away all are consumer protections and rights.
When I can return a game I don't like, or resell it, or apply fair use I'll stop.
Now if I like a game or music I pirate, I buy it.
The Kruger Dunning explains most post on
The whole concept of DRM is flawed, because they give me the media, and the key, and the algorithm and then tell me I can not put the three together in any other way than the way they choose. Sorry, not happening here. You can keep your broken products to yourself and I'll spend my money somewhere else.
Doesn't open-sourcing a DRM implementation make it extraordinarily easy to circumvent?
Very true. I fully expect "Tivoization" where only officially signed binaries implementing the DRM will run on equipped devices, though.
More Twoson than Cupertino
From my experience its not so much the DRM itself, but rather difference of opinions between the implementation and interpretation of the spec among the various hardware vendors.
Case in point. My home theater receiver is HDCP compliant, however it doesn't play nice with Vista. This forces me to use gray market software just so I can watch video on my projector. For the record I am not talking about just DVDs and HD disc based content. I can record an AVI with my digital camera and I will still get errors trying to play that content on my projector.
My main point is that its not necessarily the DRM itself that is the problem. HDCP "looks okay" on paper. However when you have a multitude of manufacturers interpreting the spec and the logistical impossibility of unit testing against everything else out there, ultimately its left up to the consumer to do the testing which will ALWAYS end up bad for the little guy. And there is NO WAY an individual user is going to have any teeth when a manufacturer doesn't play by the rules.
My last point is this. DRM doesn't prevent piracy.
again...let me repeat that for the industry folks who are a little slow. DRM DOESN'T PREVENT PIRACY.
It's kind of like network security. The only truly secure computer is one that is sealed in concrete, has no keyboard, no monitor, no mouse, no network, and no power. If someone wants in bad enough, they will get in. Period.
The only truly secure content is that which is never distributed.
There will always be a better mouse.
It is a simple problem but very hard to get around because the problem used to simply not exist. Standards.
Get this and get this if you get nothing else. STANDARDS HAVE GONE OUT THE WINDOW in the digital age.
ALL VHS was VHS. A LP's were LP's. All cassette tapes were cassete tapes.
Sure, there were competing standards for a short time but by and large, to the consumer media tech had one standard.
Now, in the digital age, this is no longer true. iPod may be synonmous with MP3 player but the fact is that it barely got 50% of the market. The rest of the market is split by dozens of brands each with dozen of models. Each model has its own system, its own capabilities.
This is why iTunes is NOT the standard method to distribute music. Nor is MS fairplay. Hey, even zune didn't support that.
This hampers DRM (and don't we all feel sad about this), how are you going to get your DRM method on all devices? Apple doesn't even bother with it, that is why it is trivial to convert iTunes music to MP3's and they don't license their solution out. Why would a MP3 maker bother with supporting fairplay when nobody uses it? And when so few players support it, nobody is going to use it.
Sure, Sony is a big company, but we all know how succesful it has been in the MP3 market. The company that OWNS the walkman has totally lost its touch, choosing to push its own formats over making money.
Unless someone comes up with a solution of DRM that works with just the file and doesn't need any software installed on devices that can't have software installed it can't work.
This new system doesn't fix that. Why is going to buy a Marlin enabled device when there are no services that use it, and what service is going to support it when nobody is buy marlin enabled devices?
Apples DRM slipped in by accident. People didn't buy iPod's because of iTunes. It just came with it. MS has totally screwed up its own changes by dropping its own system on its own MP3 players.
Saying that Apple and MS are the big boys in DRM land says it all. THERE IS NO DRM INDUSTRY. The consumer not only doesn't want it, but has no need for it. The industry, the hardware makers only offers it if it thinks the extra checkmark on the box is worth the effort and increasingly, they don't.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
4. ...
5. CASH!
umm... I think you mean: ...
4.
5. PROFIT!
Nope. Since it's Open Source, you just comment out the part of the code that says "If I can't contact the server, refuse to work," recompile, and then everything works.
Or if they use a decryption key downloaded from Marlin, then before they go out of business, go into the part of the code where it downloads the decryption key, and store that key somewhere. No, wait, even better: use that key to decrypt your content, and store the plaintext and delete the original. At that point, everything works flawlessly regardless of when Marlin goes out of business.
Now that's what I call effective DRM.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
When do I get to DRM my medical and financial records? Or does this still only restrict consumers?
The article linked here is the only place on the web that makes the peculiar, and false, claim that Marlin is "open source". Marlin's own creators make no such claim; they only claim that it operates on "open standards", which is quite a different can of worms.
No story here, just one careless reporter and one careless ./ submitter.
I don't have the answer to your question, but you bring up a good point. Perhaps it is time to start a new form letter.
I'll get the ball rolling:
Your system advocates a
(X) technical ( ) legislative (X) market-based ( ) vigilante
approach to fighting copyright violations.
Your idea will not work.
Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws.)
(X) It will stop copyright violation for two weeks before it gets hacked
( ) Users of media will not put up with it
(X) Microsoft will not put up with it
(X) Consumers will have to buy new versions of all their gadgets
(X) Requires too much cooperation from device vendors
( ) Requires immediate total cooperation from everybody at once
( ) Many device vendors cannot afford to lose business or alienate potential employers
Specifically, your plan fails to account for
(X) Laws expressly prohibiting it
( ) Lack of centrally controlling authority for media
(X) Asshats
( ) Not every device has a permanent connection to the internet
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
(X) Susceptibility of DRM protocols to attack
(X) Eternal arms race involved in all DRM approaches
( ) Extreme profitability of copyright violation
( ) Identity theft
( ) Technically illiterate politicians
(X) Extreme stupidity of consumers
(X) Dishonesty on the part of copyright violators themselves
(X) The Internet
and the following philosophical objections may also apply:
(X) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
(X) The customer is always right
( ) We should be able to share our own media all we want
( ) Countermeasures should not involve sabotage of private computers
(X) Countermeasures must work if phased in gradually
(X) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) I don't want the government listening over my shoulder
Furthermore, this is what I think about you:
(X) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!
Well holy shit, brilliant argument. Shit, I suppose a construction worker can go build porches on people's houses for free then hope they pay him some pittance! Maybe Adobe or Apple should follow this path to riches and make all their software free with "Donate Here" buttons, I'm sure they'll recoup the cost of development.
Your repetition of Slashdot's tired propaganda and your overall indistinguishability from a puckered asshole make you a douchebag.
Seriously, did you just use the "they shouldn't be in it for the money if they're any good anyway" argument? What a jackass.
These are exactly the issues:
(1) It should never be possible for me to lose access to media I have paid for, period. Perhaps this could be solved with a consumer rights law and enforced key escrow for media.
(2) I should be able to play any media on any device I own which supports playing the underlying media. I should be able to convert between media types (ie, aac->mp3) for the purposes of using a media type on another device.
(3) I should be able to make and keep backups on any media. I should be able to restore out of backup onto any device I own. There should not be onerous measures required to 'activate' my media on new devices (I'm looking at you, EA!)
Ultimately, this is why piracy is attractive - piracy gives you a "better" copy - a copy you can use anywhere and move anywhere.
Yeah, dubbing a tape is just as effective as publishing something on a torrent site. Piracy was even rampant back then, but the need to have physical media and the fairly noticeable loss of quality was a hindrance to it really affecting the studios.
What you people fail to understand, amazingly, is that DRM doesn't have to be perfect. Even the crappy DRM on DVDs stops the majority of people from copying them.
You all remind me of the people who want laws passed for "their own good". If DRM didn't work they wouldn't use it. It's as simple as that. I guess it's easy to assume that billion dollar industries are full of dummies who don't know what "UngleLoogie" on SlashDot knows, but the odds are they have very smart people, both technical and in finance, working for them.
Preventing unauthorised reproductions is the mechanism by which the public domain is enhanced. Without control over reproduction (be it legal or technical) copyright doesn't provide any incentive to create. Without the exclusive right to reproduce copyright simply cannot exist. That's the price we pay to encourage artists, authors and so on to do their thing.
I agree that current copyright law is too extensive in duration and fair dealing / fair use rights can too easily be trampled by DRM, but if you allow any and all reproductions you would destroy copyright, not improve it.
Chernobyl 'not a wildlife haven' - BBC News
I hate licensing. It's too much like renting. I want to OWN the device, program, song, whatever; not rent it.
Exactly, if I buy something then it is mine for personal use and I will not tolerate any DRM whatsoever. And when it comes to music I want to own it. However, there are somethings which I don't mind renting because they only have limited replay value anyway. DRM allows the concept of renting to be extended into the digital realm where things are easily copied, and can create some nice business models that wold not be financially viable otherwise.
It seems like most of the focus right now is on on-demand streaming of videos, which can be obfuscated to discourage most people from recording, but it has it's problems. For one, the bandwidth for high quality video really isn't there yet, and it would creates huge peaks in demand during prime-time if it ever became widespread. By using DRM'd downloads rather than streaming content, distributors and ISPs benifit by allowing downloads to be more spread-out and even intentionally scheduled during low usage hours if it's automated (using a Netflix queue model). Furthermore, not all places have fast internet connections, like subways, cars and airplanes. Being able to sync the movie to a portable device really makes the system more useful to customers. The only problem I have with existing services like this is that they are tied to specific devices, like the rentals on iTMS can only be used with Apple computers and devices. An "open" DRM system like is being proposed here would fix that.
1. Now I'm against piracy, but claiming something as broad as "invisible to people who aren't breaking the law" is BS.
For example, from what I understand, you only need to try playing t on a device which isn't "Marlin-enabled", for it to become very visible right there. I fail to see what counts as "breaking the law" if I merely take my bought song and try to play it on my old car stereo. Care to explain?
2. How _do_ you enforce a DRM without locking access to certain parts of the "pipeline"? E.g., if I can use open-source sound drivers, what's to keep me from writing an un-DRM-ed .WAV to disk of their music? E.g., if I can play it in a self-compiled music player, what's to keep me from writing the decrypted stream from the player instead of playing it? Etc.
That's why MS's "trusted computing" insists on authorizing and authenticating every single bit of your computing, starting from the CPU. And you can't have a signed program that you can change, recompile and have it still stay signed.
So basically they _have_ to restrict what drivers, software, etc, you use, or they can't guarantee enforcing that DRM. And as soon as you, say, went the OSS route and recompiled anything, again, it _has_ to become very visible. Because as soon as the binary has changed at all, you no longer know whether it now has a backdoor which extracts the binary stream.
_But_, and here's the important part, the binary changes even if you didn't do anything devious there. If I, say, decide to play with these stupid drivers and make them able to play multiple streams like under windows (Gnome and KDE do come with daemons that do that mixing, but natively it isn't available) it necessarily produces a different executable.
So, again, care to explain what's illegal or "breaking the law" if I decide to tweak my sound drivers on this here Linux machine? I mean, FFS, even MS's FUD at its darkest hour stayed clear of claiming that doing any OSS work is criminal.
4. I thought that it was up to the courts to decide if a law has been broken? Just a thought. Deciding a priori that anyone running into trouble with a particular piece of retarded software is a criminal, is rich. The whole fundament of the western justice is based on such ideas as establishing exactly what happened, the degree of evil intent ("mens rea"), hearing the other side's half of the story too, etc. It seems to me that deciding a priori that, basically, anyone doing things differently than you imagined is automatically a criminal, goes against pretty much everything that justice stands for.
A polar bear is a cartesian bear after a coordinate transform.
People who aren't pirates are the only ones who complain (at least about music and movies).
Game pirates gripe all the time about releases being a mere week in advance of retail release, or about how the crack just uses a VM to break the DRM without actually removing it from the executable.
Obligatory Soundbite Catchphrase
Set your recording device to be "wav" or "what I hear" or something similar in your soundcard's mixer's "recording" view. Grab Audacity, hit record, then hit play on *insert_audio_source_here* No signal loss from using the physical outputs.
body massage!
The construction worker expends resources for every porch built. Thus every porch needs to be payed for. The artist does not expend resources (bandwidth notwithstanding) for every copy distributed to every fan. Thus not every copy needs to be payed for. There will be enough people who will donate*, assuming the guy is any good, to make up for the costs. An artist who's not in it for the money, but rather for the love of doing it, will not care about getting every cent that could possibly be made under RIAA-style accounting**
Not that it matters, but the studios do spend money advertising and publishing media. I say it doesn't matter because there's this thing called "opportunity cost". Let's say God comes down to earth and creates a perfect DRM model. Basically your brain refuses to distribute content you don't own. Now, how many people would buy Album X and what would they pay? The difference between that amount and the amount earned because people copy content is what DRM attempts to recoup. The "but it costs nothing for another copy" argument is just a distraction and not a real argument. I will agree that RIAA/BSA/etc.. style accounting is wrong. e.g. if I copy a $1000 piece of software and play with it, they didn't lose $1000 because I wouldn't have bought it anyway.
Not quite, compare our wordings very carefully. Take a really good artist. He makes art because he loves to make art. If he does not make a load of money, he will continue to make art. As long as he has enough money to live off of his art, he will keep on doing it, and he'll get better. If you love what you're doing, chances are you're good at it.
This whole line of reasoning bores me with its stupidity, frankly. You're making a value judgement on a profession and arbitrarily claiming they should have motivations you agree with or that their ability is dictated by their lack of greed. I could make the same argument for a software developer. Or a doctor. Or a lawyer. You can say the same thing about any profession. It's nonsensical. What if I have a really good voice and musical ability, I can't treat that like a profession and instead should "suffer for my art"? Laughable.
My TV is digital and incorporates HDMI with it's nice, integrated DRM scheme.
My HD reader is digital, incorporates HDMI, with it's nice, integrated DRM scheme.
My TV tuner is digital, with it's nice, integrated DRM scheme (no record bit...ah yes, they said they would never use it)
My radio is analogic. But they are all pushing that DAB thing that is digital
My Ebook reader....
ad nauseam.
Now add a touch of ubiquitous Wimax/wireless in all of those pieces of kit. And they can revoke your licences at will.
It takes 40+ muscles to frown, but only four to extend your arm and bitchslap the motherfucker
Assuming that you'll be able to rip whatever DRM they use is dangerous. With hardware that cooperates to undermine you, PKI could easily be used to encrypt data in ways that are unbreakable through software -- by ANYONE. All it takes is a chip that publishes its public key for the media source, and re-encypts data directly to digital monitors (IE, an LCD monitor, and speakers) which also publish their public keys. Short of breaking your OWN chip apart to see it's unique key, you're screwed. Moreover, it could well be unbreakable, if those chips used one-time pads.
Battling DRM and other abuses of power is a lot like the anecdote about battling the nazis: if they come for others and you don't speak up, there will be no one left to speak up when they get to you. Or, in other words, don't be complacent on the grounds that you'll survive. If you let the technology gain a foothold, you'll be up the creek too, just like everyone else.
Make abuse of IP law invisible, and people will tolerate it.