Open Source DRM reloaded
p2p news / p2pnet: Sony BMG used open source code to plug Apple DRM into its disastrous rootkit spyware, wrote Alex Halderman last August.
That’s one DRM open source connection. Then there’s yer actual open source DRM. And No, it’s not a spoof.
“Sun Microsystems has set up an ‘initiative’ to stymie attempts by Microsoft, principally, in its efforts to dominate the copyright protection arena, such as it is,” p2pnet posted in August, 2005.
It’s called the DReaM initiative. Nightmare might be more appropriate. But the initials DRM don’t fit nicely into that ; )
So anyway, “Assuming it catches on, this would create a bizarro world version of the copy-protection landscape,” says Eliot Van Buskirk in Wired News.
“Today, consumers largely scorn DRM schemes in favor of unprotected MP3s ripped from CDs or downloaded off P2P networks. One reason for this is because iTunes-purchased music only plays on iPods, and subscription files from services such as Rhapsody only play on Microsoft Janus-compatible MP3 players.
“If DReaM works, consumers will be able to access their purchased songs through a number of providers, and using a wide variety of devices.”
Wouldn’t a whole slurry of DRMs take much of the bite out of DRM, even if there was the remotest possibility that it could work?
Apparently not.
“In a world where DRM has become ubiquitous, we need to ensure that the ecology for creativity is bolstered, not stifled, by technology,” says Creative Commons founder professor Lawrence Lessig.
“We applaud Sun’s efforts to rally the community around the development of open-source, royalty-free DRM standards that support “fair use” and that don’t block the development of Creative Commons ideals.”
It’s called ‘compromise’ and it, not money, makes the world go around. And if open source DRM will make the entertainment and software cartels happy, why not? It won’t make any difference to anyone else.
Also See:
disastrous – Sun touts open Source DRM, August 22, 2006
stymie attempts – Sun touts open Source DRM, August 22, 2005
Wired News – Reasons to Love Open-Source DRM, April 3, 2006
bolstered, not stifled – Open Media Commons Releases Specifications and Source Code for DRM, March 22, 2006
April 3rd, 2006 at 8:58 pm
No DRM would obviously be best, but content “owners” having adopted the philosophy that it’s consumers (they don’t think of us as “customers”) are the enemy will have none of that. Since they are deeply convinced (however wrongly) that DRM is an absolute necessity an open standard WOULD be MUCH better for us consumers than if Microsoft gets hold of all the marbles (OS, DRM, defacto format standards, TPM, etc, etc…).
That’s my opinion.
April 3rd, 2006 at 10:00 pm
This article makes me wonder what definition of DRM people are using.
Free/Libre and Open Source Software protects the rights of software users to “run, copy, distribute, study, change and improve the software.”
A technical measure which is applied only to the content, and which does not prohibit the owners of devices to tinker with the software can be implemented in FLOSS.
A technical measure which is applied to a device, and which prohibits the owner from tinkering with and being in control of the devices which they own, can not be implemented in FLOSS. Any technical measure which presumes that the owner of the device is the attacker can not be implemented in FLOSS.
So, what meaning of DRM is being used which can be implemented in FLOSS? Many people are using incompatible meanings of these terms, so I’m curious what meaning is being used here.
April 4th, 2006 at 12:25 am
Your observation that the authors are perhaps playing fast and loose with terminology and acronyms is valid. I believe it’s the term “open source” that is being abused here, not so much the acronym “DRM”. IMHO DRM is ripe for some well deserved abuse, but that’s not the point here. I suggest we not get lost in semantics and take an objective look at what is being proposed, and more importantly, what we will be left with if Microsoft becomes the default DRM provider for the world.
April 4th, 2006 at 12:31 am
Either a technology treats the owner of the device as the attacker of that device, or it does not. Either the owner of devices have the right to tinker with what they own, including changing the software, or they don’t.
It does not matter which vendor treats the owners of devices as the attacker. It could be Microsoft, Apple, or coalition of a hundred DRM vendors and the devastating effect on the future of creativity and innovation would be identical.
April 4th, 2006 at 6:44 am
Surely Lessig is being ironic?
Surely Sun is having a larf at our expense?
http://www.voidstar.com/node.php?id=2694
As Ed Felten has noted, DRM cannot work without hidden code which means that DRM naturally tends towards being spyware.
Making the source open is just encouraging coders to hack the source so that the decoder generates easily copyable plain versions instead of awkwardly useable ones. You can’t give the customers the encrypted content, the keys, the algorithm and the source code for the algorithm implementation and still control what happens to the unencrypted content. And I’d give it about 1 day from release of the DReAM source to release by somebody else of the DReAM Remover program.
Or maybe I’m seriously missing the point, or seriously misunderstanding SUN’s proposal.
April 4th, 2006 at 7:59 am
April 4th, 2006 at 11:55 am
In my opinion a GPLv3 DRM would be best, because I could always disable it.
I have no problem with my software telling me, that I am not allowed to copy a file, but I have a problem with softwre stopping me from actually doing it.
Maybe I want to do it in a country, were it is legal to copy music.
Or on the open ocean.
April 4th, 2006 at 1:25 pm
Good attept though
April 4th, 2006 at 4:53 pm
Your points are well take and I have no argument with them. However, this is not about DRM vs no DRM. We can adopt a boycot mentality and “say no” to DRM, but in the world of mainstream content distribution DRM is a reality that is not going away anytime soon. So, do we hand the keys to Microsoft who WILL TAKE OVER the “legitimate” content biz if they are allowed to, or do we support an “open standard” non royalty based DRM scheme that allows small players to enter and stay in this so called “legitimate” content and playback device game?
BTW, The “let ‘em have their crappy DRM crippled content”, we’ll go our own way, thanks.” alternative is not entirely unattractive to me. I just feel like that approach is pretty much turning our backs on our less informed friends out there.
April 4th, 2006 at 11:28 pm
am I the only one feeling slightly betrayed by Lessig on this? I feel like throwing up my hands and saying “we have no leader!” – how do you go from years and years of adovacting the importance of a non DRM world to – well if its open source its okay – I noticed in his commentary he didnt mention that the fair use provisions of DReaM are optional at the choice of the copyright holder, so while some may be generous enough to give us what we’re entitled to its more likely that the majority wont so what difference does it make who controls the DRM when it still stifles creativity and consumer rights. There is no way he should be supporting a permission culture in any way shape or form.
April 5th, 2006 at 2:52 pm
We are looking at it from different perspectives. I’m involved in lobbying the government, and from my perspective the goal should be to push for a law which makes it illegal to put a “technical measure” onto something that you do not own. That means that a copyright holder can put a technical measure on their content, and a device owner can put a technical measure on their device. A device owner can’t put on or take off a technical measure on content, and a copyright holder can not put on or take off a technical measure on a device.
Note: If you are a Canadian, we have a form letter we are encouraging people to send to their MPs as well as a petition. See: http://digital-copyright.ca
When I skim the articles it seems to me that Sun *IS* playing with the common understandings of “DRM” as technology which controls devices we own and consider the owner to be the attacker.
They seem to be talking about a content delivery system where:
a) Content holder would also own the content delivery computer that is “sending” the data to their customers, and would ensure that only authorized customers can access that system. No controversy there.
b) Content holder would encode the content such that only an authorized customer can decode it.
c) The software running on the audience computer would be FLOSS licensed, and would require the addition of a key in order to unlock the content. A key unique to that customer would be delivered to the owner of the computer by the content holder.
There is nothing controversial in the above situation. There is no party putting a “technical measure” onto something that they do not own.
This becomes controversial when, like Apple’s Orwellian-named “FairPlay”, the keys to unlock the content are embedded in the software, and a condition of being able to unlock the content is that you run a technical measure on your own computer which compromises your security/privacy/etc. Canadian privacy legislation (PIPEDA) disallows that type of condition, and we need to lobby to add a prohibition on this type of condition onto the provision of works under copyright as well.
It is quite possible that this type of strategy could work given the largest copyright holders seem to be entirely technically incompetent and wouldn’t be able to tell the difference between such as delivery system and the (hopefully in the future illegal) “FairPlay” system.