News Why DRM does not work

[Tim S]

http://www.bit-tech.net/news/2007/09...oes_not_work/1

As much as we all hate DRM, it is something that the industry feels is needed. Peter N. Glaskowsky dives into the sticky subject and points out the best ways to help enforce it.

[Laitainion]

Problem with that approach is that it is involves the creation of technology and infrastructure for a big brother (a la 1984 by George Orwell, the not appalling TV programme). The music industry should be trying to adjust it's business model rather than forcing DRM down our throats. I might even go as far as the say the current structure should be abolished and we should start over, as the whole record label thing is meant to support talented artists so they can produce good music etc. etc. but it has just become a money machine that wants to exploit artists and consumers.

'Course, I could be wrong about all this as my view of the modern capitalist system is that it is horribly broken, Adam Smith (the inventer of capitalist thinking) would be spinning in his grave, I think.

[cyrilthefish]

Apologies for the large quotes here

http://www.guardian.co.uk/technology.../04/lightspeed

Quote:

[crytography] It's great for email, but it can never work for movies, TV shows or music, because in the case of "copy protection" the receiver is also the person that the system is meant to guard itself against.

Say I sell you an encrypted DVD: the encryption on the DVD is supposed to stop you (the DVD's owner) from copying it. In order to do that, it tries to stop you from decrypting the DVD.

Except it has to let you decrypt the DVD some of the time. If you can't decrypt the DVD, you can't watch it. If you can't watch it, you won't buy it. So your DVD player is entrusted with the keys necessary to decrypt the DVD, and the film's creator must trust that your DVD player is so well-designed that no one will ever be able to work out the key.

This is a fool's errand. Because the DVD player has the key, it's always possible that it can be extracted by academics, hardened hackers – or just kids who are in it for the glory.

Quote:

And the thing is that if a DRM is broken once, it's useless. The breaker can put his copy of the movie, music, ebook, or software online on a peer to peer network or fileserver, and from there anybody can "break" the copy protection simply by downloading a copy. It's a one-shot deal.

DRM is supposed to force those unwilling to pay into buying, rather than nicking, their media - but once the cheapskates can search for a cracked copy on Google, it is meaningless.

And finally the main point:

Quote:

This means that ultimately, DRM only affects people who buy media honestly, rather those who nick, borrow or cheat their way to it. In turn that means that the people who ultimately bear the inconvenience, cost and insult of DRM are the paying customers, not the pirates.

There are some fundamental truths in the universe. We cannot travel faster than light, and we cannot make a copy protection system that is uncrackable.

The only question is: how long will paying customers stay when the companies they're buying from treat them as attackers?

DRM is like the anti-police, instead of protecting the innocent, it only affects the innocent instead of the people it was aimed at.

[bilbothebaggins]

Quote:

Quote:

As this holds true for every digital information, not only music, I believe it will be increasingly common for states to heavily regulate and/or patrol internet traffic and usage. At the moment the net, despite everything, is still an early technology (meaning: it has not permeated the lives of major parts of the populace and the policy makers as have TVs or Cars or Telephones) I think once policy makers (and the state workers actually writing the laws) really understand what they CAN regulate and control by forcing stuff upon telecoms and ISPs I fear they also will make use of that power.
The internet WILL end up being just as regulated as telephones and cars and everything else. It's just the music industry that suffers the most at the moment; thats why they are in the focus atm.

002

[DXR_13KE]

the stupid thing is that if they changed their distribution method and pricing they could have ludicrous income.

[Firehed]

It's all evil in it's most digital form. I'm okay with a serial key when appropriate (software), but any activation or whatever is both ineffective and hideously irritating. And that's why I give NO money to any producer who relies on DRM. I haven't bought a movie in about two years, it's been quite some time for PC games (I used to buy and then play a cracked version, but then my money is still saying that I'm okay with it, which I'm not).

[Phil Rhodes]

Quite apart from the well-known problems with these systems, most of which I'm sure will be discussed here, there's an additional, counterintuitive problem with this:

> Playback devices must not be able to play full-quality unprotected content.

I work in the film and TV industry and I regularly produce DVDs for people - generally the sort of thing that is sold in gift shops. These DVDs almost never have the region restrictions in use, simply because we're in the business of creating things people can watch, not things people can't watch.

What's particularly insidious about restricting what unprotected content people can play is that in order to produce protected content, you have to pay large amounts of money to a central controlling agency. That's fine for DVDs, since I can produce unprotected content here at home on a DVD burner - and for runs of under 100 discs, I frequently do. But if my work is going to be downsampled, reduced, and adulterated because I didn't implement the copy protection, that's very unfair.

In short, they're saying: unless you are Twentieth Century Fox, we're going to make your work look like ****. This is tantamount to censorship.

Phil

[completemadness]

The whole system is stupid

You go out and buy a DVD, you actually payed for it, and you are treated like a criminal, warnings that people will bash down your door if you do such and such, or that you will lose your liveleyhood due to sueing if you do whatever else

Copy protection is inherently flawed, and no matter how sophisticated the system, it will be broken
Look at securom, look at bioshock, the most sophisticated copy protection to date, AND IT WAS CRACKED
Look at HD-DVD / BD - the copy protection on that was broken too
Hell look at biometric passports, it took them £billions and cost someone $200 and a week to crack it

When will these people learn, it doesn't work, it has never worked, and it never will work

And then they say "oh pirates cost us $whatever per second" and so on and so forth
Perhaps if they didn't pay so much money for flawed copy protection systems, and if they weren't so greedy and set a decent price, they might actually sell a lot more, and everyone would be a lot happier

Oh and the one that really pissed me off, there is no CSS decryption system in Linux (or at least a legal one), so to play a DVD in Linux the CSS protection has to be removed, which is illegal (at least in America now)
So because their too lazy to see past the ends of their noses, they are criminalising people who actually want to do things legally, and Ive heard quite a few people say they can no longer play DVD's for fear of being sued/arrested for using these programs (due to a recent change of the laws in the US)

[Techno-Dann]

The current DRM mentality can not and will not succeed. The customers-are-our-enemy mentality among the media companies invokes its converse: customers are increasingly adopting a media-companies-are-our-enemy standpoint.

From a technical standpoint, DRM will never succeed. The programmers and logicians developing the systems are hopelessly outnumbered and in a seriously disadvantaged position. The media companies know this.

Put the two together, and you get a fairly simple explanation for the RIAA's (and everybody else's) recent actions: They're backed into a corner by an increasingly hostile customer body, and their only weapon (DRM) is hopelessly weak. Never mind that the corner, hostile consumers, weapons, battle lines, and entire analogy was created by them (which they don't realize), they're like any cornered animal - they lash out unpredictably and violently, trying to hurt as many of their enemies before they're torn apart.

[Breach]

DRM has never even come close to being effective. Hackers break them before they are even in the wild yet.

I love how these companies complain about losing money to "piracy" when they are spending countless millions on broken technology and not changing their business model and listening to their customers. They seem to forget that they treat their customers like criminals if we buy their DRM infested content because it is assumed that we will pirate it, or download it for free. So no thanks, I will take free.

[htuann]

There are systems out there that do decent job on DRM without the need to meet the 4 requirements mentioned. Take a look at some application streaming products out there to see what they're all about: Softricity, AppStream, Endeavors, Exent, or free at http://www.stream24-7.com/showscreen.php?screenid=442, or pay at http://www.gametap.com/home/. These are systems that allow using full-blown applications without any hardware integration while still provide license tracking and/or application protection (so the first 2 requirements are not really requirements then)

These all follow SaaS model hence they work well with software (applications and games) rather than media (like songs or video); but providing that capability is not a step too far away anyway. How do they do it? Special marshaling of the original application with encryption and compression and then providing the content via secure channel, with caching for performance purpose...

[GuitarBizarre]

Life cycle of DRM:

Big monopolistic company who want to own everything they never created but feel they're entitled to the biggest slice of the pie just for distributing it...we'll call them 'Syno' for short.

Syno exec #1: We need to make sure no-one can copy this and sell it cheaper than us because that'll hurt our profits, which are already multiple times the cost of producing the product.
Syno exec #2: Ok, we'll make it so people can only play it when we say they can, we'll code it in somehow.
Syno exec #1: Great!

Syno exec #2 then hires a programmer or team of programmers being paid extortionate amounts of money, and they code in a protection onto the discs so that it can only be played in certain circumstances approved by Syno.

The product is released, and Jimmy Olsen buys a copy. He then decides he wants to install it on his girlfriends PC at the same time as his home PC, so he can transfer the save files over and continue where he left off at home, when he stays at his girlfriends house. Unfortunately when he installs it on his girlfriends PC it says his serial is already in use and he can't do that.

Jimmy then goes home and browses the net and finds a torrent site. Jimmy sees a cracked copy of his game and wonders if he can use that at his girlfriends house. He already bought it once, so he should have the right to use it in more than one place if its only for his use, right? Jimmy downloads and burns his new cracked copy of the game. Jimmy is happy. Jimmy is happy because someone cracked the protection that cost thousands to implement for Syno. Someone cracked that protection because they realized if they wont someone else will, or simply because they were in a similar situation to jimmy and had the skills to do something about it.

News that their supposedly uncrackable protection has been beaten reaches Syno, and the following conversation ensues:

Syno exec #1 - People are getting our game for free! Look how many downloads this file has!
Syno exec #2 - Yes sir. I'll hire another team of programmers to create a patch for the protection, (which is already useless because people can choose to not upgrade.)

Programmers code protection, protection is cracked again, Jimmy continues playing his cracked copy of a game he already owns. Syno continues pumping money into new and more elaborate protection scheme until the product is no longer sold. By the end of this, Syno have spent more on developing protection for the product, than they did on developing the product, and are still none the wiser to how many copies of that illegal torrent have been downloaded by people who simply want to use it a different way. Syno assume all of those copies are pirates selling hundreds of copies illegally and use this to claim their product has been pirated many times more than is actually true.

Syno then evaluate this and conclude that if their program is being sold illegaly so often, then they must protect it in a way that cannot be countered, so they continue creating more elaborate and restrictive protections, all of which are subsequently cracked and the cycle continues, with each upgrade to the protection requiring more money for programmers, and more user interaction to simply meet the requirements of using the product.


Eventually, this drives the cost of the product up immensely until people are more willing to take a copy for free, as the cost of applying protection soon drives the price of production up, which drives profits down, which drives prices up. Soon the product is priced above its worth to the consumer and the consumer simply takes a free copy rather than pay what he sees as an extortionate amount for a limited and restricted version of the same thing.

All the while Syno foolishly believe two things: 1, that uncrackable copy protection is possible, and 2, that their efforts can actualyl reduce piracy, when in fact it is making the opposite true.

[mattthegamer463]

Quote:

* Playback devices must not be able to play full-quality unprotected content.

So how does Dad watch little Timmy's first bike ride he filmed using is HD camcorder? He isn't allowed to watch at his full HD resolution he paid a premium for just because its unprotected content he made himself?

Execs are thinking far too small, they don't see the big picture and the literally thousands of implications protection has. Another reason why it can never work.

[David_Fitzy]

This guy has got the right idea. He barely mentions DRM his whole speech is aimed at the reasons that P2P can be good for producers and consumers, the conclusion of which is DRM isn't required. He only covers video content, but I can see adverts on the embedded images of MP3s but they'd still be removable
Piracy is Good?Part 1/7

Just so I don't fill the page up with video players, See the Rest of the playlist