Slashdot Mirror
DRM Take II — Digital Personal Property
Diabolus Advocatus writes "Ars Technica has an article on a new form of DRM being considered by the IEEE. It's called Digital Personal Property and although it removes some of the drawbacks of conventional DRM it introduces new drawbacks of its own. From the article: 'Digital personal property (DPP) is an attempt to make consumers treat digital media like physical objects. For instance, you might loan your car to a friend, a family member, or a neighbor. You might do so on many different occasions and for different lengths of time. But you are unlikely to leave the car out front of your house with the keys in it and a sign on it saying, "Take me!" If you did, you might never see the vehicle again. It's that ability to lose control over property that is central to the DPP system. DPP files are encrypted. They can be freely copied and distributed to anyone, but here's the trick: anyone who can view your content can also "steal" it irrevocably. The simple addition of a way to lose content instantly leads consumers to set up a "circle of trust" that can be as wide as they like but will not extend to total strangers on the Internet.'"
Yeah you know me!
what are they trying to achieve?
surely after years of being beaten to a pulp they MUST have learned that any attempt at controlling is more than futile?
Looking for people to chat about multicopters, coding, music. skype: gtsiros
All right, time to start the ol' betting pool up. Let's guess how long it'll be before someone hacks that and just permanently steals everyone's DPP. I must say, however, it's awfully nice of them to make theft easier than ever. Why bother to leave your house when you can do it from the comfort of your office chair? If you'd like to ransom their belongings you can use the Internet for that too! Thanks Internet!
You are using English. Please learn the difference between loose and lose; they're, there, and their; your and you're.
you mean DRM-? (DRM+ is a bit silly) Hmm ... never tried to copy a car before. After reading this, it should be as easy as copying an mp3. My mind is totally changed on DRM- ... or not.
Right now, it's easy to include DRM while only upsetting we, the minority, because the average consumer never tries to use their media in a way that runs afoul of DRM. They buy song off iTunes and just use it there on iTunes, never knowing the limitations of the "product". (I use iTunes merely as an example, I know there's DRM-free music there now)
With every new push, however, the average consumer comes closer to running head-first into these limitations. When you have people's files start disapearing off their hard drive when there is no physical product, they might finally join us in asking: "Why the Hell is a collection of ones and zeroes being treated this way?"
The harder DRM advocates push, the more the consumer becomes less ignorant of their questionable ownership philosophy.
Caffeine is my anti-drug!
Duranin - A NWN2 Roleplaying Persistent World
This new development in the copyright arena is going to raise several important questions. Do we refer to this as "Dippy" or as "Da peepee"? Do we change the acronym to "Digital Pretend Property" or "Digital Property Penalties"? Will this technology never really take off, or will it only die after a multi-billion dollar campaign and several dozen slashdot debates? Only time will tell.
It's only a matter of time until it's cracked and shared.
On a side note... I would think that "stealing" mp3s would open up a whole new can of worms. What are you going to do when your "buddy" down the street refuses to "return" your music library, call the police?
what they want, he tells Ars, is for digital property to "complete the emulation of the physical world."
One would think they would eventually see the change of paradigm that's been going on for... 30 years?
Ya know, these companies bitch and bitch and bitch about how they arent making the money they used to... Maybe they should stop wasting their money on file formats and DRM schemes that will NEVER take off and focus more on the quality of the product they are producing.
I wouldn't leave my car outside my house with the keys in the ignition for all to steal (well, actually, my car is terrible so I have contemplated it). However, if I could 'burn' a new car from a car 'blank' for the price of a few pennies every time I left the house I would. I would also drive it over to my friends house and not worry if I found a different way back - I'd just leave my car there and create a new one. There is no reason to treat digital media the same way as physical media unless you're trying to force people to play by your old rules when the world has moved on.
I stopped buying CDs, tapes & stuff a number of years ago, when the record companies started suing their own customers. I used to buy 9 or 10 CDs a month, but haven't now for over 8 years. Their loss :-) I still have an extensive, dust collecting, collection, it's just old & will never be added to.
They can add whatever DRM they like, I don't give a stuff. Bring it on, it will only hasten their ultimate demise.
If I had an Ass, I'd call it Fanny Bottom, then I could slap my Ass; Fanny Bottom, on the Arse.
Digital personal property (DPP) is an attempt to make consumers treat digital media like physical objects
That's great, except for one small problem. Digital media have none of the characteristics of physical objects. Build business models that recognise this, or go out of business. Those are your only two choices. Trying to force consumers to treat digital media like physical objects is no more likely to work than the car industry trying to persuade people to treat the sea like a road.
I am TheRaven on Soylent News
And anyone with a "link" to the key can assume ownership. So if you, or any of your friends' computers are compromised, they can "steal" your DPP protected stuff. And you can never get it back.
Of course, there is little reason to steal; people who want the files in question would simply get DPP-free versions. Only malicious sorts and vandals would bother, since there'd be no real gain from the act. But if you have a falling out with your friend, it doesn't look like you can "change the locks" so to speak. If I give a house key to a friend, and for some reason stop trusting him, I can change the locks on my house. This doesn't seem to support a similar mechanism. Also, unless you store the playkey online (which has its own problems), a hardware failure in the playkey storage device will cost you your files. Returning to the house analogy, it would be like your house burning down (okay, becoming inaccessible forever) because you lost the key to the front door.
$_ = "wftedskaebjgdpjgidbsmnjgcdwatb"; tr/a-z/oh, turtleneck Phrase Jar!/; print
Dear IEEE,
No thanks.
Sincerely yours,
Everybody
The point is, for most younger people: I have it, you have it, we all have it. All the time, and for free.
Anything that doesn't encompass that usage model will get bypassed in favor of stuff that will adhere to that model.
The problem is for creative types that this means they get one sale in an efficient market. The first buyer then makes their purchase available to the rest of the world for free. Why would they do that? I don't think anyone is completely sure, but a reputation or status built by sharing is part of it.
The "one sale" idea pretty much pushes things back to a patronage system. Instead of recording a song and selling copies of it, a band is paid by some rich guy to play. The rich guy gets to tell them what he likes and what he doesn't like - and if the band wants to continue living off music they will play that way. They can then distribute their work for free without any worries about compensation.
The problem is, as quite a few creative types found hundreds of years ago, a patronage system quickly ends up where everyone is trying to be just like Elvis because the people with money to spend on the arts really, really liked Elvis. Or whomever was the big favorite. So in 17th Century Europe you had playwrites coming up with pretty much rehashes of the same theme over and over again because that is what the patrons of the arts liked and would pay for.
Sounds sort of like what has happened with music recently. But the problem is while the record labels have (somewhat) learned that an endless series of "Boy Bands" aren't going to cut it any longer with a patronage system it isn't up to the marketplace - it is up to a very small number of patrons. Is that really where we want to go?
And no, I don't see the Internet making much of a difference. If the Internet lead to broad-based financial support it would. But the Internet is a way to distribute stuff for free. There is no "financial support" involved. iTunes is a myth and you might as well get over it. Nobody is making money off iTunes, especially Apple who created it as a music supply for iPods. And as many sales as iTunes has it occupies maybe 3% of music downloads today. No, no money that way.
The IEEE fails to take into account something rather major here:
First, that sounds like a royal goddamn pain in the ass and I'm a freaking software engineer. There's a reason the iPod has been so popular.
No it doesn't, it instantly leads to people who quickly and repeatedly lose access to things they pay for, as malicious script kiddies get into their machines that they've added to the latest and greatest botnet, copy the files off, and snag the key. I can see people jacking those keys being as popular as sniffing for world of warcraft accounts.
And it gets even more confusing:
So this key is moved into a tamper-protected circuit (irrelevant, no?) that is device exclusive. So you stick it in your phone so your music files only work there, or on your desktop and they only work there, or online and it's not even in your hands (but useless if you're not online) and this license can easily be moved around and if taken, fucks you permanently. But also somehow is magically secure enough that I can't just use it to decrypt the files and strip the DRM? And I can't somehow duplicate this key? What about key backups?
As dumb an idea as ever, I suggest the IEEE leave this one to rot in the dustbin, and stop letting the media companies push the tech industry around.
Or, to protect against loss, can I insure it for a penny on the dollar and the recover my losses if something happens to it?
The problem with most current schemes is that are extremely consumer hostile. I might have a CD stolen, but I can buy a used one very cheap. Digital music must be cheaper to distribute, no loss, no theft of the CD, but we still pay the same amount for the music, and have not option of buying it again in the secondary market.
Likewise, if some steals a car from me, I can have the cops do something about it. If someone steals my iPod, nothing is likely to be done. Not the cops, not Apple, not the labels will help me recover my property. They will, however, happily profit off the crime. OTOH, if I put a few songs up for people to copy, I will be liable for millions. Go figure.
In articles like this, the conclusion is often not the interesting item. Very often the conclusion is impractical and ineffective. What is sometimes interesting is the process they went through. For instance, one of the IEEE mags recently published a methods of secure offsite testing. As far as I can tell, while it prevents the cat from getting a degree, it does not protect against feeding answer to the traditional students. So it is not 100%, but the methods they use are interesting. It would be nice if the summaries would include some interesting bits, rather than just a naked conclusion, which is rather useless.
"She's a scientist and a lesbian. She's not going to let it slide." Orphan Black
It's still another attempt to make reality match "legality" instead of the other way around.
'If someone else copies your file, you will be punished by loosing that file'...
Fuck. That. Shit.
The current (and as it has always been) paradigm of free copying of data, is the best and most honest way of dealing with data.
"He who lights his taper off of mine does not diminish mine"... Jefferson, IIRC.
Whoever came up with this idea should lose their computing licence.
With DRM, the media companies tried to prevent people from sharing their music. But cracking the DRM led to the same problem as before.
With DPP, the media companies are offering an easier dishonest way to get music: instead of cracking the DRM, just steal other consumer's songs...
Basically, DPP means: Don't steal from me, steal from my customers instead!
Car analogy would be a manufacturer making cars with great anti-theft systems that are to be removed when the car is first sold in order to discourage thieves from stealing a product before it was sold the first time.
Ok, by now everybody hates DRM. So here is what they do, they change the name.
I don't know if they are stupid or smart, either way it will penalize only the legal buyers, as always.
Love many, trust a few, do harm to none.
Actually after reading the article the guy is an idiot. The "playkey" is the whole problem with DRM. Whether downloaded off a drm server, or transferee securely br protected memory(as the article suggests). Transfer of that key is needed. Without it everything fails. What's worse in order to even be vaguely secure each music file would need it's own playkey. So for me alone that is some 5,000 keys.
If you had even the same playkey for every song title theft is easy. If each person has one playkey. Then it be ones possible to steal thousands of songs nearly instantly.
So I say again the guy is an idiot. A dumb idea so poorly thought out I wonder if he actually thought about it or pulledit out of his ass.
i thought once I was found, but it was only a dream.
The core idea here is quite clever, it's kind of a Prisoner's Dilemma situation, where if you decide to be non-cooperative with whoever gave you a piece of media content, you can gain exclusive control over it... but if everyone decides to be cooperative, then everyone has shared access to it. This would provide a strong incentive for people to limit the sharing of their purchased content to people they trust, which would prevent unlimited sharing.
Very clever.
However, it ultimately suffers from the same fundamental problem as any other DRM scheme: Bits are too easy to replicate. While the idea specifically allows for unlimited replication of the content, it still requires strong DRMish control over the "playkey". Effectively, it just replaces the problem of controlling access/ownership of a large pile of very-copyable bits (the content) with the problem of controlling access/ownership of a small pile of very-copyable bits (the playkey).
While reducing the scale of a problem does sometimes make it more tractable, I don't think it really helps in this case. You still end up with some bits that must somehow be moved and shared, but without the possibility that they may be copied. How do you do that? No one knows. You can try to lock it up in secure hardware (effectively a dongle), but even if you succeed, you've just created a major hassle for end-users -- which is exactly what this scheme is supposed to fix. And, of course, really securing that key is very hard, and doing it cost-effectively darned near impossible.
And I don't see any possible way this could work without some sort of on-line interaction. When I "take ownership" of a playkey that I've been given access to, how is it that everyone else loses the ability to use that key? Obviously there must be some sort of central system involved, if not for each usage of the key, at least periodically, to check in to see if the possessor should still have access to it.
Perhaps there's another even more brilliant technical idea underlying the rather clever social hack, but I doubt it.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
Since it obviously involves some type of key server to check against there are several ways from the very simple to very sophisticated. There are also several problems with it:
1) If the DRM permits on failure then that would be the simplest way to hack it, just block the server or specific queries to servers. If the DRM disallows on failure then a lot of people would be affected when a DDoS or a firewall/router 'problem' blocks the server somewhere upstream. This can off course be mitigated slightly by only disallowing after a certain time period, but that would require the keys to be stored either locally in the media file or locally in the media player. Both issues are simple to solve.
2) If the DRM uses a very central key server (hosted by the RIAA) that keeps track of all the 'stolen' keys then just distributing and submitting a rainbow table (easily accomplished through a botnet) of keys would be enough. If only few hold access to the key server, then there has to be some type of mechanism that finds and blocks the 'stolen' keys (where stolen is defined according to their dictionary, not the Standard English one, we would say copied to a public place). That mechanism will be very simple to either avoid (like blocking/allowing Google Bots) or mislead. Manually would be too time intensive and thus not work either.
3) If the central keys are held by the media sellers (eg. iTunes, Amazon, Microsoft) then it only takes a media seller to go out of business to have millions of files disappear. Also if the system has to be upgraded it will be very much fun to watch a) all systems synchronize their updates without downtime and b) maintain backwards compatibility. The option to 'hack' it in 2 is still valid especially when said sellers are big enough (Amazon and iTunes come to mind)
As with so many schemes for DRM it will not work and it will piss off the customers usually sooner than later. It will not be implemented and it will not be compatible with millions of devices/users out there. It is dead before it was even started. DRM does not work. It's akin to somebody making a perfect copy of your car (and/or license plate) and then driving off with the copy, you won't care, you won't know and/or you'll get in trouble for the other persons actions while you were the one that legitimately bought the car or applied for the license plate.
Custom electronics and digital signage for your business: www.evcircuits.com
Yes, this sounds like a dumb idea, but there's a kernel of goodness here, I think. Forget about "ownership" for a moment, my biggest concern in digital files is identification - attribution if you will. I would like to be able to watermark a digital file and have everyone know it's mine. I don't care if it gets copied, but I want every copy to bear the sign that this content was made by me. You'd think this would be relatively easy today, but every time I've tried to find a way to do this, all I found were very expensive products from companies I'd never heard of.
I've got a slightly unusual situation. I make something digital, and people pay me for it. The people who pay me can copy it, sell it, do whatever they want, but I want the copies to bear my signature, just like a painting bears the painter's signature. I get my money up front, but attribution is the most important thing.
Let's talk about sound files, music specifically. I've tried putting encoded sound into the file, say very high frequency, but that can pretty easily be filtered out. Or, if the material is in just one part of the file, then that part can be simply edited out. What I'd like is something, I don't know, holographic that will be in any part of the file longer than say 5 seconds. Something that will stay in any copies of the file.
Does anyone know something like this? Every six months or so I try to do some research into any products like this and I come up empty, or as I said, with unknown solutions that are very very expensive.
Thanks.
You are welcome on my lawn.
Digital Personal Property? Why the fuck is anyone trying to apply real-world realities to something that is fundamentally different? What would be productive, and for the long-term benefit of society, would be to educate people about the differences, the reality of digital information, and the inescapable reality that duplication costs are zero.
Copyright is a social contract which has time, and time, and time again been abused and violated by large corporations and their lobbying groups. This DPP nonsense is a sop to their war on the public domain and the rights we are used to enjoying.
This proposal? Well, let's smoke some MPAA/RIAA crack and spend a fortune making computers work in a way that suits their old business models.
Where's the Kaboom?
There's supposed to be an Earth-shattering Kaboom.
When you boil the matter down to its essence, digital content is simply a bunch of very long numbers. You can't treat numbers like property. Imagine trying to treat the number 17 as property. It doesn't work.
It seems to indicate that playkeys would be per file. And the cost to store a key maxes out at about half a KB (for an RSA prime number based system); substantially less if it uses either a private key style encryption system or an elliptic curve based public key system. So for your files, that would be around 2.5 MB at the outside, or as little as 80 KB. If this were implemented, I'd expect a gig or two of flash memory to be included with any hardware based system, which would handle somewhere between 2 million and 62.5 million keys (depending on size of key and size of included memory). Or they maintain a separate file or partition on a hard drive, which has it's own protected key (on the hardware device), thereby eliminating the need for special purpose storage, and removing the cap on the number of files.
I suspect this is as much about resetting DRM to a real standard as it is about DPP. Since DPP would require a DRM-like system, if DPP were accepted, everyone would have a DRM capable system based on community developed standards. This doesn't make it a good idea, but it's not quite as half-assed as you think.
$_ = "wftedskaebjgdpjgidbsmnjgcdwatb"; tr/a-z/oh, turtleneck Phrase Jar!/; print
It's like when a five year old tells you he can't find his shoes because he lost them. But he doesn't want to get in trouble so he'll say a gypsy took them. And you know the kid is lying but when you press him - he'll start to describe the gypsy. "He had purple pants, a gold shirt, and a moustache. He had a little monkey with him."
Much the same with DRM. They've lobbied for it, they've pushed it, they've gotten people to buy it and then yanked the key servers and left them high and dry. It can't be a swindle, they just haven't found the correct solution yet! So we go around and around with the industry talking about how to do this the right way. The truth is that there is no right way. The truth is that DRM is a lie. It can't work. Ever. Whenever you hold both the lock and the key, it stops being about cryptography and starts being about how to game the system.
Read up on how people beat DRM systems. Like DVD Jon. He's not a gonzo cryptographer. He didn't break DVD by his sheer mathematical skills. No. He was a kid with a machine code monitor who found the decrypted key in memory.
But like any good lie, you have to keep telling it once you start. Because the minute you say "well as it turns out there wasn't any gypsy" that's when you get in deep trouble. Imagine the class action lawsuits that would result! No, telling the lie over and over is much cheaper. So let's hear it for DRM2. I'm sure it'll buy the industry at least six more months before the next bored kid from the Netherlands comes along.
Weaselmancer
rediculous.
First, it is not correct to assume that patronage is the only alternative. There are many other models. But I want to focus on this claim:
Something like this actually happened in the 1950s. But it was resolved without the law. Musicians, fans and the industry decided against imitation.
Up until then the market for music had focused on songs, not particular recordings. There were many recordings of each song, and listeners did not mind a whole lot which one they bought. But with R&B music, the particular arrangement of a hit became more and more important. Instead of simply producing covers of popular songs, labels started to clone them, imitating everything they could, from using the same arrangement to hiring the same backup singers. Musicians protested, calling the clones "theft." Labels and radio stations said they would have nothing to do with them (though they didn't always follow through).
But what really changed the situation was the listeners. They wanted to hear the real thing - the original they had heard on the radio, not a knock off. The clones - and the covers simply faded away.
If you are sponsoring a musician (maybe you're Coke looking for music to use in advertising, or maybe you're a group of fans who have pooled their money for a sequel to Firefly), what would you rather do: pay for something that people will see as a cheap imitation, or put your money into something different?
Sure, people like things similar to what they already know. This is part of cultural change. My description of clones in the 1950s is drawn from Elijah Wald's How the Beatles Destroyed Rock 'N' Roll, where he also writes:
A lot of the best innovation comes from taking something old and mixing in something new. Is the Mac GUI just a rip-off of Xerox? Is it bad that Linux is a reimplementation of UNIX? Was it bad that Shakespeare wrote his own versions of other people's stories?
Frankly though, I don't know that I'm really disagreeing with you. As you point out, the culture industries already put much of their effort into retreads and sequels.
mp3 and other lossy formats have as their whole point removing the kind of information you want to add -- sound that can't be heard. Compression is still a hot research topic with both academic and industry interests. In contrast, steganography is much more obscure. For now, the compression beats steganography.
Finally! A year of moderation! Ready for 2019?
Not to mention do you have any idea how many PCs I have to format in a year because some dumbass in the family did something stupid and got pwned? Say goodbye to your stuff! Because if it is easy for me to "backup" the key, it will be JUST as easy for the guy at Worst Buy with the porta drive and the script that copies everyones media files to help himself, and again bye bye media.
The media companies time and time again fall for the SAME stupid shit that the game companies do. I have to crack all my fricking games even though I paid good money for them. Why you ask? Because I have 9Gb of RAM (8 on the board and 1Gb on the GPU) and therefor use XP X64, which works beautifully on the games but the #$%#%$# DRM don't work, that's why! And God help you if you get a Starforce infection on XP X64, as their damned uninstaller doesn't do jack shit on X64, so enjoy spending the day dual booting and hacking the reg to kill that shit!
when are these PHBs ever gonna learn? EA got me to shell out to buy MOH:Airborne even though I had already read reviews that said it wasn't that good. How you ask? By packing the older MOH games together with it, along with a nice interactive timeline of WW2 and a "music of" disc, and all for a reasonable $30. By giving me MORE value for my money I was happy to shell out for the set, and it would be trivial for other companies to do the same. Instead they go out of their way to screw us on price and cripple their products with DRM, once again making the pirated versions BETTER in every way! How damned stupid can they be? They should be throwing extra discs containing the artist's older stuff and charging us a fair $20 for the set, not this assraping $1 a song BS.
Offer people a good value for a fair price, and watch the money roll in. It was true 100 years ago and is just as true today, but sadly these corporations have taken on the "too big to fail" mentality that they are entitled to ever climbing profits while screwing everyone else every damned chance they get. Sadly the "too big to fail" mentality, as well as massive bribery of our elected officials, is what has gotten us into the mess we are in now. our infrastructure falling apart, prices going ever higher while quality goes ever lower. And they have the brass balls to wonder why piracy is rampant? How about not buttraping your customers and given them broken DRM infected shit, how about that? How about instead of wasting all this money on pointless DRM shit, which is cracked by the pirates usually before release, you instead offer a good value for the consumer's dollar so he doesn't feel screwed when he buys you product, ever think of that? But sadly I doubt there will ever do anything that logical. They will instead pay for ever more draconian laws paid for with treasonous bribes, and shovel ever shittier DRM down our throats and be amazed that their profits take a nosedive. Just stupid.
ACs don't waste your time replying, your posts are never seen by me.
...why?
"Digital personal property (DPP) is an attempt to make consumers treat digital media like physical objects."
When we see things like this, we need to sit down and have a hard look at the intent here. The fundamental nature of digital media is that copying is essentially a zero-cost event. The entire point of "DPP" is to break the nature of digital media.
Why? Why are we breaking the natural advantage of this new format? This isn't much different than pouring ink all over the pages of a book, so that they can't be read. Ultimately, we have to realise that we're doing it to make digital media fit the mold of traditional media.
Yes, I know you're thinking "but that's exactly what it SAYS! Make consumers treat digital media like physical objects." No revelation here--just repeating the blindingly obvious.
My point, though, is that the digital media breaks the economic model. We need to fix the model, not break the media. DRM is backwards. DPP is backwards. They're making the media fit the model (by kneecapping it), not making the model fit the media.
Reality is that digital media are here. A model that doesn't change to adapt to reality is one that HAS to die eventually.
"People who do stupid things with hazardous materials often die." -- Jim Davidson on alt.folklore.urban
So it's not an easy problem, and as compression improves, option #2 there will get even harder over time.
A quick Google search brings his Linkedin profile, along with his current job position:
That leads us to his company homepage, Telebind Inc. Not surprisingly, their sole product is "technology and tools to create ownable Digital Property".
This is nothing but a pitiful attempt to pass astroturfing as a peer (or standardization group) reviewed article. And it is more probable that not even he believe on his product, but want to suck a few into his scam, just like the ones who sold the rootkit to Sony.
I'm writing a game for Xbox right now and I will do everything in my power to protect it. I want every person who plays and enjoys the game that I've spent many hours writing to pay me for my hard work.
I am not evil, I do not want to hold people back, I am not much more greedy than the next guy, it's just that I've spent a lot of time working through engineering textbooks and learning cryptic shader code to write this game and to me each copy of that game doesn't represent the effort it takes to ctrl+c, ctrl+v. To me that game represents the work that I've put into it
.
I pay for music that I listen to, not for the record companies, not because it takes great effort to copy the data, but because the artist have put their heart and souls into the music. They have put a lot of work into it and deserve to be payed.
If you don't like the big record labels don't listen to the music they produce.
Someone "steals" it, hacks it, and re-posts the un-DRM'd copy so everyone has it.
Not advocating that, as I'm against it. But how is this protocol gonna stop the thing they actually wanna stop?
It's kind of like outlawing guns. The law-abiding citizens now have no guns, but the outlaws still have theirs.
(-1: Post disagrees with my already-settled worldview) is not a valid mod option.
Depends. If you just want your name on it, no problem, virtually every reasonable media file format has some sort of metadata support. Sometimes it is even good; but even basic ID3v1 is good enough for the purpose.
If, however, you want identification that resists the efforts of hostile agents to remove it, you are pretty much out of luck. Any standard metadata, by virtue of being nice and standard, is trivially strippable. Trying to embed it in the sound itself is either audibly intrusive or inaudible. If it is audibly intrusive, that is obviously unacceptable. If it is inaudible, you run into the fact that the (quite talented) designers of lossy codecs have been honing their skills at removing inaudible data from sound for years. That's the whole point of lossy codecs. Even if there is some watermarking scheme that manages to be one step ahead, you still won't really have a "signature"; because it will only be readable by you. This is good enough for tracing the provenance of leaked copies, or catching tapers; but is useless if you want attribution, rather than forensic evidence.
None of those problems are likely to go away with future development. Metadata standard enough to be readable will always be strippable. Watermarks that are audible will always be intrusive(unless, of course, you are part of the song). Watermarks that are inaudible will always be vulnerable to being cut by lossy compression. Further, any watermarking technology that lets the public at large read watermarks, rather than being used solely for forensics, effectively becomes a clumsy form of standard metadata, and thus strippable. Even cryptographic methods won't work. A cryptographic signature is stops altered versions being distributed as the real thing; but it doesn't stop altered versions, with attribution stripped, from being created. Encryption can make the file useless to anybody; but you still have to let the intended recipient read it, and they can always create a plaintext copy, which brings you back to square one.
It is impossible to have attribution follow the file; but there are ways to demonstrate authorship on demand at any future time. So called "Trusted Timestamping" services are available from a variety of outfits(most of the usual names in SSL certs, among others) and allow you to demonstrate cryptographically that a given file was timestamped by you on a given date and has not been altered since. If you timestamp all your work before it ships, you will clearly have the earliest timestamped copies that exist. This doesn't stop the distribution of stripped copies; but it does allow you to demonstrate that you possessed copies before any distribution occurred, on a particular date.
This is just the first act. What happens when technology gets to the point that you CAN copy a car? Or a cabbage?
Peace on earth, or greedy rich men trying to stop it?
Free Martian Whores!
when are these PHBs ever gonna learn?
The real question is: when are you going to learn? If you keep buying stuff with DRM, they'll keep making stuff with DRM. Money is the only thing they'll listen to, and by giving it to them, you're saying "DRM is awwwwwwwwright!".
They will instead pay for ever more draconian laws paid for with treasonous bribes, and shovel ever shittier DRM down our throats
With your money.
Support stuff that doesn't have DRM. Show them that they can make more money by doing that.
I'm not familiar with DPP, but I do work in the music industry and have a few thoughts on the subject.
While this may not be the most receptive forum for this perspective, I thought it was worth responding to a few points. One is that the music industry is filled with suits who have their head in the sand while "the world has moved on" away from DRM. The reality however is that average consumers (but perhaps not the typical slashdotter) are shackled with all sorts of DRM everyday whether it's movies, videogames, software or even eBooks. However, any mention of DRM for audio products seems to be a lightening rod of criticism (and perhaps with good reason). I'm not making any assertions as to whether it's right or wrong (at least not yet), but I wanted to make the point that DRM is alive and well in the world around us.
My next comment is that I believe that people deserve to get compensated for their work. If you can't come around on that point, then there's not much else I can say to convince you of anything. You see, I believe that the idea that people should get compensated for their work is concept that average person would agree with. I believe that DRM has, up to this point, been a very poor execution of that concept.
I believe that users should be able to make backups of products that they have purchased. As a corollary to that, I believe that it should be simple to restore their backups when needed. I believe that people should be able to play their music on whatever device they own wherever they happen to be. I believe that people should not lose the music that they paid for (along with the money that they spent) if the retailer that they bought it from happens to go out of business at some distant (or not so distant) time in the future. I don't believe that honest customers should be penalized with restrictions while pirates get the same quality of product with no restrictions. I believe that paying customers shouldn't be treated like criminals. I believe that paying customers should be rewarded for their loyalty to the artist.
These are the things that DRM should have enabled and these are the reasons that DRM has failed us all.
You see, I don't believe that DRM was the antithesis of these ideals. I think that the deployments of DRM were poorly designed and executed. I don't know a thing about DPP, but I know that there is a lot of deserved distrust against DRM and that it will take a massive effort to overcome that hurdle.
It's been all downhill since they bought into that "kibibyte" nonsense.
Unfortunately, it's not so easy to do this. When embedding a watermark, there are three fundamental approaches: ...
So it's not an easy problem, and as compression improves, option #2 there will get even harder over time.
That's a good summary. However, I believe digital watermarking has the same fundamental flaw as DRM: the means, expertise, and equipment to create and modify digital files are plentiful in this day and age.
Any idiot can copy a music file to a friend's computer. So DRM attempts to limit that easy copying, but as soon as it's broken, it's broken. Likewise, the bar is not much higher for being able to modify, edit, or sample a music file: audio editing software, MP3 encoders, tagging software, hex editors... all easily-available, easy-to-learn (with guides all over the web), and easy-to-use. So watermarks attempt to add a unique, recognizable, but unintrusive tag to that file, and they run back into the same issue that the underlying data is very easy to manipulate.
Contrast this situation with that of paper money, which often contains watermarks: The bar to "editing" or "copying" money is a lot higher. Sure, you can make a crappy copy of a $20 bill on a printer, but it won't turn out well. The recipes for real currency paper are secret and centralized, so difficult to steal. The physical equipment to print real money is extraordinarily large, immobile, and expensive, and easier to regulate since there are few legitimate, small-scale uses for things like color-changing ink and microprinting. Lastly, there are more, and smarter, serious guys with guns who take a professional interest in counterfeiting than in file-sharing.
In my view, any purely technical means to limit the distribution or modification of digital data is bound to fail. I mean, we've spent decades trying to make digital data easy to copy and modify... and gosh, we've succeeded.
DRM and watermarks both rely on, essentially, an intentional obfuscation of data. But the means to detect (watermarks) or reverse (DRM) that obfuscation must then be widely distributed for them to be useful. Security through obscurity, minus most of the obscurity. Secure cryptosystems like PGP or SSL depend on a very small core of obscurity (a secret key) and construct elaborate safeguards and mechanisms to keep that secret key from ever traversing the network, and from "leaking" its content onto the data in a visible way. And still flaws are sometimes found. DRM takes that secret key and spreads it around all over the place. Lame.
My bicyles
Sounds like something Douglas Adams would dream up.
Of course, the writers on Star Trek have been envisioning this feature for years - what other explanation do you have for all the episodes when software or other data is sent from one place to another and mysteriously lost at it's source.
The most scenarios involve the Voyager EMH.. he seems to be forever in peril disproportionate to his status as a piece of software.
It sounds like LCARS has been designed with a particularly viscous strain of DRM. Whether this has been designed into the system by Starfleet engineers or 21st century intellectual property lawyers is unknown.
What about option three? People stop designing cars, watches, etc, because once they sell one, anyone with the "replicator" can get theirs without the original designer being paid
In a world where everything costs nothing, what would they spend money on?
It is difficult to get a man to understand something when his job depends on not understanding it.
And since the entire revolution will occur in the form of /. posts, the revolution will slide off "most viewed" in a few days and post-revolutionary Earth will look much the same as pre-revolutionary Earth, with just a few geeks giving each other knowing glances and whispering "dude, we made a DIFFERENCE that day!"
"This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
Here's how I'd break this:
Buy a copy of the ebook.
Now have a friend buy another copy.
Compare the two copies, zero out (or otherwise remove) any differences. Done.
What about option three? People stop designing cars, watches, etc, because once they sell one, anyone with the "replicator" can get theirs without the original designer being paid?
Repeat after me: the market is not the only way to promote the creation and distribution of valuable goods.
Much like nobody wrote books or music before copyright existed?
No problem is insoluble in all conceivable circumstances.