4 Microsoft Engineers Predicted DRM Would Fail 10 Years Ago
An anonymous reader writes "Ars is running an article about a paper written just over a decade ago by four engineers at Microsoft. In it, they talk about the darknet, and how it applies to distributing content online. They correctly predicted the uselessness of DRM: 'In the presence of an infinitely efficient darknet — which allows instantaneous transmission of objects to all interested users — even sophisticated DRM systems are inherently ineffective.' The paper's lead author, Peter Biddle, said he almost got fired over the paper at the time. 'Biddle tried to get buy-in from senior Microsoft executives prior to releasing the paper. But he says they didn't really understand the paper's implications — and particularly how it could strain relationships with content companies — until after it was released. Once the paper was released, Microsoft got stuck in bureaucratic paralysis. Redmond neither repudiated Biddle's paper nor allowed him to publicly defend it.' The paper itself is available in .DOC format."
The fundamental misconception of the paper (which, as you note, Apple was first to demonstrate in a broad and serious way) is that DRM is about controlling exfiltration rather than controlling playback.
Yeah, obviously, even the people who design PAL hardware for thermonuclear warheads are going to have a difficult time designing DRM systems that will resist prolonged physical access by a sophisticated attacker. If they have to build such systems on a consumer electronics budget, forget about it.
However the 'break once, play everywhere' DRM defeat model implicitly assumes that computers will be 'default allow' devices. That, unless a given object is specifically encrypted/crippled/otherwise fucked with, they will happily do their best to work with what they are given.
This simply isn't true. Market forces have prevented going 'default deny' in certain highly competitive sectors (e.g. nobody selling cheap DVD players can get away with selling DVD players that play only CSS-encrypted disks) and for certain legacy formats (it isn't really an 'mp3 player' if it doesn't play mp3s...); but it is increasingly the case that more sophisticated devices are 'default deny'.
None of today's consoles will boot an unsigned binary, even one otherwise compatible with their environment, without modification to the system (sometimes a software crack; some are known only to possess hardware vulnerabilities requiring physical modification). The iDevices of the world will reject any .ipa executable package that isn't DRM-encumbered. You can strip off the "fairplay" all you like; but unless you have a jailbroken device or access to a trusted signing key, you aren't going to be running it... Microsoft's "Windows RT" will be the same thing for Windows style executables.
If anything, what the MS guys demonstrated is that (because of the 'darknet' consideration) 'Trusted Computing' as DRM is doomed to failure and its only real function is trusted computing as control.