BBC's Plan To Kick Open Source Out of UK TV

← Back to Stories (view on slashdot.org)

BBC's Plan To Kick Open Source Out of UK TV

Posted by samzenpus on Wednesday December 23, 2009 @03:16PM from the how-can-you-have-any-TV-if-you-don't-eat-your-meat? dept.

bluec writes "Generally speaking, the BBC isn't allowed to encrypt or restrict its broadcasts: the license fee payer pays for these broadcasts. But the BBC has tried to get around this, asking Ofcom for permission to encrypt the 'metadata' on its broadcasts – including the assistive information used by deaf and blind people and the 'tables' used by receivers to play back the video. As Ofcom gears up to a second consultation on the issue, there's one important question that the BBC must answer if the implications of this move are to be fully explored, namely: How can free/open source software co-exist with a plan to put DRM on broadcasts?"

21 of 302 comments (clear)

Strange question by BadAnalogyGuy · 2009-12-23 15:23 · Score: 4, Insightful

How can free/open source software co-exist with a plan to put DRM on broadcasts?
It's simple, really.
Someone develops an Open Source DRM software solution, and the BBC uses it.
It's no different from a closed source DRM solution, except that since it is OSS, it may have a stronger encryption system since it can't rely on security through obscurity.
"Open Source" means a lot of different things to different people, but the basic concept is that it is the software which is free. How the users use the tools isn't part of the equation. So a good OSS DRM solution is a boon for some users (and a bane for their users). But either way, FOSS is not at all at odds with DRM.
1. Re:Strange question by Brian+Gordon · 2009-12-23 15:31 · Score: 5, Informative
  
  In an open-source solution you can download the source and a debugger and see exactly which bytes you need to patch to break the DRM.. Finding 09 F9 was hard when hackers had a 15MB memory dump to scour, but it wouldn't be hard at all with the full source code. You don't seem to realize that an "encryption system" needs to store its key (or a method of obtaining the key) in the source or else the client can't view the content at all.
  You can do some Bad Things like using a weird memory manager that puts instructions in unpredictable places but that only increases headaches all around and is still breakable.
2. Re:Strange question by gzipped_tar · 2009-12-23 15:47 · Score: 5, Insightful
  
  Encryption strength depends on the key, not the algorithm. You can study the source of GnuPG all you want, but you can't break the encryption without the private key.
  And DRM fails because of neither the key nor the algorithm. It fails because some greedy clods don't know heck about the basic principles of encryption, one of which being that you can't encrypt and not-encrypt at the same time.
  
  --
  Colorless green Cthulhu waits dreaming furiously.
3. Re:Strange question by Kevinv · 2009-12-23 15:55 · Score: 5, Informative
  
  > an "encryption system" needs to store its key (or a method of obtaining the key) in the source or else the client can't view the content at all.
  This is untrue for an "encryption system". It is generally true for a DRM system.
  GPG, PGP, many open source projects implementing encryption systems such as AES, DES, etc... have no qualms about their source being public. Because the keys do NOT need to be included in the source.
  DRM system such as DVD encryption however requires the player to be able to decode the disc for playback, but they don't want the user to be able to playback on non-certified devices. This means the player has to have a key to decode the files. Keys don't need to be stored in the source, but the source would reveal how the key was used. It would reveal implementation problems that could make breaking the DRM easier.
4. Re:Strange question by Virak · 2009-12-23 16:16 · Score: 4, Interesting
  
  I don't think you quite understand. The only thing DRM has is security by obscurity. When you freely hand out both the ciphertext *and* the key to whoever asks, you can't have anything else. And if it's open source, you don't get even that. So no, you're not going to see any open source DRM systems any time soon.
5. Re:Strange question by BadAnalogyGuy · 2009-12-23 16:26 · Score: 5, Interesting
  
  you're not going to see any open source DRM systems any time soon.
  While I can't be clear on their efficacy, it would be incorrect to say there are no DRM systems available.
  http://lmgtfy.com/?q=open+source+drm+solutions
6. Re:Strange question by SanityInAnarchy · 2009-12-23 16:41 · Score: 4, Insightful
  
  It's no different from a closed source DRM solution, except that since it is OSS, it may have a stronger encryption system since it can't rely on security through obscurity.
  You're operating under two assumptions that exec-types often do:
  First, you assume it has something to do with the strength of the encryption. It doesn't. DVD CSS was pathetic, it's true, and can easily be brute-forced on modern machines -- but the original crack was someone obtaining the keys. Blu-Ray (and HD-DVD) were cracked not by finding some flaw in the algorithms used, but in finding the key (09 F9 ...).
  Second, it is always security through obscurity. In order to play the movie, you need the key. In order to copy the movie, you need the key. Thus, in order to play the movie, you need the same thing you'd need in order to copy the movie, and there is no way around that. All DRM around audiovisual content is crackable. This is a flaw inherent in the nature of DRM. It is something which will never be improved.
  
  --
  Don't thank God, thank a doctor!
7. Re:Strange question by nedlohs · 2009-12-23 17:03 · Score: 4, Insightful
  
  If it is truly FOSS then I can modify the software to, as well sending the decrypted video to the output device, write it to a storage device in unencrypted non-DRMed format.
  Hence the DRM is completely useless and pointless and there can be no FOSS media players that respect DRM.
8. Re:Strange question by selven · 2009-12-23 22:28 · Score: 4, Informative
  
  XOR encryption isn't weak. It's just extremely vulnerable to a plaintext attack. Where that isn't an issue (eg. one time pads), it's the best algorithm out there.
9. Re:Strange question by SanityInAnarchy · 2009-12-23 23:08 · Score: 4, Informative
  
  ...and that's the major reason for the industry to move us to HDMI.
  *facepalm*
  You've just confused HDMI with HDCP, as so many do. I hate DRM, too, but in this case, that would be like refusing to use DVDRs because commercial DVDs are sometimes DRM'd.
  
  The only possibility is to use a dongle / smartcard (same thing, different name)
  Different form factor too, and usually a different, less sinister use, but I'll give you that.
  
  in the display and run the signal encrypted from disk to display.
  And what would that accomplish? I'm sorry, but if I'm going to rip a movie, I'm not going to do it by trying to capture 1080p video from HDMI and compressing it down to something manageable -- not when it's already on the disc in beautiful h.264 or VC-1. Maybe if there was no other way, but there's always another way, which was part of the point of my post.
  Encrypting the signal from the box to the display only pushes the problem either back to the box, or into the display. If it was actually encrypted from disk to display, that just means you've got the decryption hardware (and the keys) in the display instead of inside your blu-ray player (or TV box, whatever). I really don't see how the display is harder to open up and hack around in than any other box.
  But that's not even what's done with HDCP -- it takes the video from the disc, decrypts it, decodes it, then re-encrypts it and sends it to the TV. This means that the video exists in an encoded but decrypted state at some point inside the machine (set-top box, blu-ray player, whatever), and it's always possible (though it may be difficult) to retrieve a perfect-quality copy.
  But all of this is offtopic, because, again, you're confusing HDCP, which is the DRM-over-video-cable scheme, with HDMI, which is a perfectly reasonable standard.
  
  I'm running 2000+ x 1600+ on my old EIZO CRT monitor @85Hz on old analog VGA connector, HiRes graphics do not need HDMI
  That is true, but after using an LCD screen, you couldn't force me to go back to analog, even 85hz analog. Once you've gone digital, VGA makes no sense -- you're taking the digital signal from the computer, sending it analog over the wire, for the monitor to make digital again before it can be displayed?
  No, DVI solves that problem -- the image is sent, still digital, over the wire. And you don't hear Slashdotters whining about DVI being evil and DRM'd.
  The point is, HDMI is DVI plus an audio signal. That's it. In fact, HDCP works just as well over DVI.
  Now, I use a laptop as my primary computer. I have a nice 1920x1080 24" LCD on my desk. Every time I bring the laptop in there, I want to plug it in. Should I have to fiddle with all those pins and screws of VGA or DVI? Or can I just plug in that one HDMI plug? That goes doubly if you're using it for audio -- while my laptop isn't configured this way, in theory, I could plug the HDMI cable into a home theater system and have the surround sound system and the gigantic projector instantly supported.
  The only real reason not to use HDMI for a new system is if you're using analog for some perverse reason, or if you're using DisplayPort instead (which is better).
  
  --
  Don't thank God, thank a doctor!
strange headline by Trepidity · 2009-12-23 15:24 · Score: 5, Insightful

Maybe it's a nitpick, but the headline "BBC's Plan To Kick Open Source Out of UK TV" to me sounds like someone is against open-source software, and has conjured up a scheme, the primary purpose of which is to harm it.
From the article, though, it seems more likely that the BBC is worried about copyright infringement, and as with many companies, the only sort-of-half-assed solution they can think of to combat it is to introduce some DRM, and the only even-more-half-assed solution they can think of to make it hard to crack the DRM is security-through-obscurity. That's incompatible with OSS, as Cory Doctorow points out, but I think out of a misplaced attempt to use security-through-obscurity, not out of an actual antipathy to open-source vs. proprietary software as licensing models. Who knows if they even realized that: 1) lots of open-source software is used in conjunction with receiving TV broadcasts (and not just by warez groups); and 2) their scheme would therefore harm an important segment of the public.

--
10 PRINT CHR$(205.5+RND(1)); : GOTO 10
Re:The BBC aren't by SlothDead · 2009-12-23 15:31 · Score: 5, Funny

Where is the "-1 boring" moderation?
Dirac by Anonymous Coward · 2009-12-23 15:32 · Score: 5, Interesting

However, the BBC would like to collaborate with the Open Source community, academics and others to produce an Open Codec
Re:Not Mutually Exclusive by Anonymous Coward · 2009-12-23 15:39 · Score: 5, Insightful

DRM absolutely excludes open source, Free-with-a-capital-F-as-in-Freedom software. My freedom is restricted if I am not permitted to modify the software (e.g. to write to disk instead of screen).
Re:Why does DRM exclude open source? by green1 · 2009-12-23 15:47 · Score: 4, Informative

Real cryptographers don't try to keep the intended recipient of the message from being able to access the encryption key either. The problem is that DRM is a flawed system, you can't stop the intended recipient of a message from doing what they like with your message after they receive it... in the end they will find a way to break your system, and the fact that you had to make it possible for them to decrypt it means that you can't rely on them not being able to decrypt it.
Re:Not Mutually Exclusive by Trepidity · 2009-12-23 15:50 · Score: 5, Insightful

PGP has a much easier task, though: it only needs to ensure that people with the key can decrypt content, while people without the key cannot. DRM schemes need to ensure that the same person can only decrypt given content for certain purposes, and not for other purposes.

--
10 PRINT CHR$(205.5+RND(1)); : GOTO 10
The interesting question ... by FrankDerKte · 2009-12-23 16:09 · Score: 4, Interesting

Although this is /. and people are more interested in technical questions, for me the really interesting question is: How can they encrypt the "metadata" on broadcasts – including the assistive information used by deaf and blind people ?
I mean, this basically means all of the broadcast can be copied and used in any way imaginable except for the part of the broadcast which is important to the handicapped ? This sounds sort of immoral to me.
Vastly more important question by drsmithy · 2009-12-23 16:51 · Score: 5, Insightful

How does DRM help the BBC provide their services to the taxpayer, better ?
Re:The real question is ... by Sulphur · 2009-12-23 18:36 · Score: 5, Funny

Gordon Ramsey cooks Doctor Hu a bird's nest souffle.
He reveals his secret identity as a Thymelord, but there is a leek in the kitchen.
BBC not the guilty party by Anonymous Coward · 2009-12-23 19:50 · Score: 4, Insightful

This is pretty unfair to the BBC. It should be made clear that the BBC probably isn't the one that's pushing for this. It's more likely that the BBC is being leant on by other content providers (like US networks) that it licences shows such as Heroes from, as well as movies it screens. It offers these on it's iPlayer service, so it's hardly surprising that it's being pressured into this.
Re:BBC by SkunkPussy · 2009-12-23 22:51 · Score: 4, Informative

In USA you're already required to pay a tax to a corporation (unless you are happy to die early from a treatable disease) - and guess what, we pay less in the UK for our health coverage than most people pay in the USA.

--
SURELY NOT!!!!!