Become a fan of Slashdot on Facebook


Forgot your password?
Communications Media Music The Almighty Buck Your Rights Online

Cory Doctorow on Digital Rights Management 415

VerdeRana writes "I just heard the EFF's Cory Doctorow give this fantastic argument critiquing DRM. He makes a great case for why DRM is bad for society, business, and artists, why it simply don't work, and why Microsoft (the audience for this talk) should not invest in it. Broadcast this far and wide, and maybe someone will listen."
This discussion has been archived. No new comments can be posted.

Cory Doctorow on Digital Rights Management

Comments Filter:
  • DRM (Score:5, Insightful)

    by mirko ( 198274 ) on Friday June 18, 2004 @08:11AM (#9461665) Journal
    The problem with DRM is that it's got a name that people might consider making it the only right-management-related concept, now, DRM is not alone in its category and there'll be other to take care about, like DVD region locking, etc...
    • Re:DRM (Score:5, Insightful)

      DRM is an industry attempt to enforce a monopoly, just like region locking.
      The fiasco of DVD restrictions runs counter to every single principle of the free-market which these companies supposedly hold dear.
      The reality is that free-market is only supported when it benifits the big guys, and in the case of digital media, it dosen't.

      It's time for people to realise, music and movies are only big business because the few have a monopoly on their, inexpensive, reproduction. Now that Joe Sixpack has the ability to reproduce, they want to take it away from him. It's shameful. The way to deal with piracy is to reduce the cost of your products. That way they'll be so cheap people won't bother pirating. It's only the monopoly that makes them so expensive.
      • Re:DRM (Score:5, Insightful)

        by mpe ( 36238 ) on Friday June 18, 2004 @10:04AM (#9462514)
        The fiasco of DVD restrictions runs counter to every single principle of the free-market which these companies supposedly hold dear.
        The reality is that free-market is only supported when it benifits the big guys, and in the case of digital media, it dosen't.

        The same way certain large corporations are pro "globalization" when it means they can get the cheapest possible raw materials and labour. But get upset when customers and retailers (some of whom are themselves large corporations) try to choose the cheapest sources of goods.
    • Re:DRM (Score:3, Interesting)

      by MisterBad ( 40316 )
      The FSF recommends against [] using the term "digital rights management". They suggest other terms, such as "digital restrictions management" or "handcuffware".
  • ...then we'll see, in the long term, exactly how good an investment that was. My guess is lousy.
    • Yeah; in fact, why don't we encourage them to incorporate DRM into IE, Outlook, and other software that is capable of downloading copyrighted material from the Net? It would seem to me that this is an obvious area where wholesale copyright infringement is going on, and they have a real chance to stop it.

      After all, much of the stuff on the Web (including all the stuff here on slashdot) comes with a copyright notice. How many of us ever get written permission from the copyright holder before we copy their
  • by Kombat ( 93720 ) <> on Friday June 18, 2004 @08:15AM (#9461683) Homepage
    Companies dealing in intellectual property have never before faced this level of onslaught of piracy and infringement. This isn't something that happened overnight - it's been building up for years (although in recent years, it has accelerated greatly). While a lot of people criticise the methods they're employing to try and protect their assets, few can offer insightful solutions that have solid financial reasoning behind them. We all just seem to assume that if you offered your property for $1/track, that piracy would vanish. Well, they took us up on that challenge, and piracy hasn't vanished.

    These people/companies are getting desperate. Sure, I don't think DRM is a silver bullet either, but it is at least slowing the problem until they can figure out a better, long-term solution.

    The real thing we should be worrying about in all this is the laws they're passing in the meantime, like the DMCA. While the companies themselves will evolve through this, the rights-stripping provisions enshrined in legislation will be much, much harder to phase out. Laws are rarely repealed, and THAT is what should concern us.
    • by bhmit1 ( 2270 ) on Friday June 18, 2004 @08:32AM (#9461762) Homepage
      We all just seem to assume that if you offered your property for $1/track, that piracy would vanish. Well, they took us up on that challenge, and piracy hasn't vanished. Actually, if I could find the bands I enjoy for $1/track as an mp3, then sure, I'd pay it, even if there was an inaudible watermark in the file. But $1/track for some DRM'd file that I can't play on any device I own isn't going to change anything.
    • by Gigs ( 127327 ) on Friday June 18, 2004 @08:50AM (#9461889) Homepage Journal
      "There has grown up in the minds of certain groups in this country the notion that because a man or a corporation has made a profit out of the public for a number of years , the government and the courts are charged with the duty of guaranteeing such profit in the future, even in the face of changing circumstances and contrary public interest. This strange doctrine is not supported by statute nor common law. Neither individuals nor corporations have any right to come into court and ask that the clock of history be stopped ,or turned back, for their private benefit."
      - Heinlein's Lifeline

      Your argument is flawed! They have continually faced these types of onslaughts. From monks handwriting manuscripts to the printing press, to the copy machine. Live performance to wax phonographs to LP's to tapes and now digital. With each change in technology the cost of production changed just as dramatically then as it has now. Since the cost of production has fallen to the level that is very near free you can not justify a cost to the consumer that is way way above free. And the fact that you business will go under doesn't matter one little bit. If the RIAA and all of its studios went out of business today there would still be lots of music to listen to tomorrow.
    • You can't blame Cory Doctorow for trying, either. "Larry Lessig hanger-on" probably isn't a niche that can profitably support a lot of careers, but he's demonstrated that the number is at least one more than I had thought.

      We all just seem to assume that if you offered your property for $1/track, that piracy would vanish. Well, they took us up on that challenge, and piracy hasn't vanished.

      Really, I don't think most of "we" have ever been honest about it. When companies tried to crack down on Napster and si

      • by idiot900 ( 166952 ) * on Friday June 18, 2004 @09:34AM (#9462246)
        The reality is that the techie community has never offered anything beyond "You're rich and I hate you and computers should be outside the law and anyway I'm helping the artists by not paying them."

        That's part of it, but the larger issue that riles tech types is that protection of copyrights on music and movies is only a small part of what the entertainment industry's new laws affect. The fundamental issue here is that these laws limit the dissemination of information in ways that run counter to the values that we believe the United States was built on. For example, the DMCA makes certain math equations illegal to use or even tell people about. You could invalidate large swaths of public domain knowledge by demonstrating that such knowledge pertains specifically to breaking your stupid protection scheme.

        In a nutshell: techies hold the pursuit and dissemination of knowledge in all its forms dear to their hearts - after all, computers were designed for those very purposes. DRM stabs at the core of this ideal by limiting said pursuit and dissemination.

        The MPAA and RIAA, slimy and evil as they are, deserve to not have their content pirated. But they are trying to do this by legislating away the idea of a free knowledge-based society, and that is where I have a big problem.

        (I apologize for any factual errors and welcome corrections.)
    • by psychofox ( 92356 ) on Friday June 18, 2004 @09:02AM (#9461983)
      > Companies dealing in intellectual property have never before faced this level of onslaught of piracy and infringement.

      You obviously haven't read the article. It is littered with examples of how companies have in fact dealt with "piracy" and "infringement" many times before in the past. Going back over a hundred years in fact.
    • by wkitchen ( 581276 ) on Friday June 18, 2004 @09:05AM (#9462007)
      We all just seem to assume that if you offered your property for $1/track, that piracy would vanish. Well, they took us up on that challenge, and piracy hasn't vanished.
      No, they didn't. What they're offering for $1/track is a product grossly inferior to what we were getting for a similar price on old-fashioned CD's (before they started screwing those up with copy protection). How can there be any hope of a new product catching on when it's significantly worse than what people are already accustomed to?

      There are lots of songs I'd happily pay a buck for if it had the same quality and versatility as what I'm used to from CD's. And that means lossless compression and no DRM. And I'd happily buy songs with a lossy compression but at a good bitrate and with no DRM for .50/track. But the DRM infested garbage they're selling now? That's worth exactly 0$ to me.
    • by 0123456 ( 636235 ) on Friday June 18, 2004 @09:06AM (#9462016)
      "I don't think DRM is a silver bullet either, but it is at least slowing the problem until they can figure out a better, long-term solution."

      It's not 'slowing the problem', and quite possibly it's making the problem _worse_. Today, if I want some music I can buy a DRM-crapped CD and have to fight to play it on my PC, or I can just download the songs for free from the web. If I want to play a game, I can buy it with some braindead 'copy protection' that will probably screw up my system by installing stupid fake drivers, or I can download a cracked copy from the web.

      If free distribution of your products is a problem, you don't solve it by making your products more of a hassle for your paying customers to use, and treating those customers like criminals.
  • by mOoZik ( 698544 ) on Friday June 18, 2004 @08:16AM (#9461689) Homepage
    So don't be surprised if some companies take htr same concept, put a less 1984-esque label on it, and market it successfully to people. DRM is here to stay, in one form or another, and for better or worse.

    • I agree. The article makes some interesting points but a fact remains. There is a problem will illegal copying and it must be addressed in some way, shape or form and the obvious solution is DRM. /. may hate the big studios, the record companies and big software houses but at the end of they day they invest large amounts of money in producing content for which they are entitled to expect at least some level of protection especially given how ridiculously easy it is to copy and redistribute digital material
  • by skyryder12 ( 677216 ) on Friday June 18, 2004 @08:21AM (#9461713)
    Actually, it seems to be a re-hash of eveything we have known that is evil about DRM for the last few years, just all prettied up and in the same place. I despair that these arguments have much worth, particularly when you are talking to a corporate entity that has twice been convicted of monopolistic practices. It seems naive to me to even expect to be able to make such a difference. Since I live in the U$A, I know, no matter what the rhetoric, that it all comes down to money in the end. They will take a buck from anyone and anywhere that they can, and of course genetically they subliminally support the monopolistic practices of others. Computing literacy will be the next dividing line between rich and poor......
    • by gclef ( 96311 )
      Actually, that's his whole argument at the end: you guys [Microsoft] can beat any copyright lawsuits...heck, copyright lawyers are nothing to the anti-trust folks, and you beat them. Forget what the lawyers are saying and make the product your customers want.

      He's actually appealing to the money-making side of Microsoft, to get them to make a product that will sell. I suspect that this is about the only tack that has any chance of succeeding at a place like MS.
  • slashdotted with only nine posts in this article... did anyone get it mirrored???
    • Microsoft Research DRM talk

      Cory Doctorow

      June 17, 2004


      This text is dedicated to the public domain, using a Creative Commons public domain dedication:

      > Copyright-Only Dedication (based on United States law)
      > The person or persons who have associated their work with this
      > document (the "Dedicator") hereby dedicate the entire copyright
      > in the work of authorship identified below (the "Work") to the
      > public domain.
      > Dedicator makes this dedication for the benefit of
  • by Anonymous Coward
    "DRM turns computers against their owners. I don't want a Disney security guard sitting in my living room watching my every move." -- Ian Clarke
  • Doctorow (Score:4, Informative)

    by arvindn ( 542080 ) on Friday June 18, 2004 @08:26AM (#9461734) Homepage Journal
    In case you don't know, Doctorow is the author of Down and Out in the Magic Kingdom [] (available for free), a great book which explores a sort of utopian future where the economy is no longer scarcity based and reputation is everything. Interestingly, if there's anything that's sure to kill any chance of our transitioning to an abundance-based society, it's DRM.
  • DRM is not something that Microsoft is trying to promote because it wants to safeguard hollywood content.

    It is a technology they are trying to force on everyone because it allows them a greater level of control over their market, and they are using the Hollywood lobby to push their own agenda.

    As such, Corys talk can be used to unmask their real plans by debunking the "spin"

    In the end it does not matter, turing will out!

    what happens when Moores Law cranks a couple of more notches and we can use MS Excel
    • by SquareOfS ( 578820 ) on Friday June 18, 2004 @09:23AM (#9462144)
      Actually, I think what Cory was trying to convince them of is that they're being suckered into defending a business model they're not invested in -- namely, the Hollywood/RIAA model. (And, as a side note, that given the option between defending a dying business model and developing a new one, the new one is almost always the better bet.)

      His point is that Microsoft, like Sony with VCR, has no incentive to make a less capable tool.

      DRM should be seen, from Microsoft's perspective, as a Linux/free software incentive program: if you build deliberately crippled tooks, you give your users reason to walk away from them.

      And Microsoft has (or should have) far more interest in retaining the userbase than it does in
      receiving micropayments every time somebody plays a song on a DRM'd system.

      It also bears pointing out, of course, that there is a version of events in which DRM is a winner for Microsoft -- it's the version where we posit strict legal enforcement of restrictions on the right to create new digital technology and innovation is never allowed to outstrip DRM. Setting aside for the moment the moral arguments against that, Cory points out that history suggests that betting on the 1984 vision of DRM and computers is pretty long odds.
  • by dpbsmith ( 263124 ) on Friday June 18, 2004 @08:40AM (#9461814) Homepage
    Consumers are not being told which devices do and which don't contain DRM and therefore there is no opportunity for marketplace discipline to occur. By the time consumers understand what is happening, every new device will have DRM and it will be too late to "vote with your dollars."

    I recently saw a full-page ad in the Boston Globe for a Gateway (remember? the company that ran TV ads a year ago saying they support my fair-use rights to music) for something called a Media Center PC. My wife was interested and asked me to look into it. Go here [] and click on "What can I do with Microsoft Windows XP Media Center Edition 2004" and it says:

    "Watch your favorite shows, whenever you want. Record a single episode or capture an entire series. You can also watch a previously recorded show while recording a live TV program. With the new Media Center 2004, you're able to record a TV show directly to a DVD so you can start your own DVD collection or take it on the road and watch it late."

    Only if you go here [], click on ">FAQ" and scroll way down do you learn some relevant details:

    "Media Center uses a new file format called DVR-MS... Q. Can the file format used by Media Center be changed? A. No... Q. Can [they] be converted to another video format? A. At this time, [no]. Q. Can I edit Recorded TV files? A. Currently, [no].
    Q. Does Windows® Movie Maker support the Media Center file format? A. [Not at this time]."

    "Q. What is content protection and how is it used by Media Center? A. Content owners and/or broadcasters can set copy protection flags to indicate that a program is subject to content protection. When Media Center detects that this flag is set, it will protect the content by limiting the ability to copy and distribute the program. Q. Can protected Recorded TV files be watched on another PC? A. No... Q. Can protected Recorded TV files be played back on the same Media Center PC using Media Player 9 or other DirectShow-enabled applications? A. No... Q.
    Can I record a TV show to my hard drive and then to a DVD using my DVD-R and play it on my home DVD player? A. No..."

    Since few programs are currently using the broadcast flag, few consumers will discover these limitations either before they buy it or during the period when they could conceivably return it. DRM is currently in stealth mode. Like a virus that doesn't release its payload until it has infected many PCs, over the next five years millions of consumers will buy devices with DRM and not even know it. Then, suddenly, media companies will start turning on their protection flags and it will be too late to do anything about it.

    When I asked direct questions to Gateway representatives about whether I could "use it like a VCR or DVD recorder to record my favorite shows on DVDs" they assured me that I could. Essentially the reps seemed to know about the "what you can do" paragraph I quoted above, but not about the "funny file format" and "content protection" issues I summarized below.
    • Then, suddenly, media companies will start turning on their protection flags and it will be too late to do anything about it.

      Is there truly anything on television worth watching, much less watching again? I think by the time the media companies start turning on these protection flags nobody will be watching any more.

  • by zymurgy_cat ( 627260 ) on Friday June 18, 2004 @08:41AM (#9461820) Homepage
    I do believe that's the first argument I've ever heard that uses the Flo-Bee as an analogy for high tech.
  • by mukund ( 163654 ) on Friday June 18, 2004 @08:44AM (#9461839) Homepage
    DRM systems are broken in minutes, sometimes days. Rarely, months. It's not because the people who think them up are stupid. It's not because the people who break them are smart. It's not because there's a flaw in the algorithms. At the end of the day, all DRM systems share a common vulnerability: they provide their attackers with ciphertext, the cipher and the key. At this point, the secret isn't a secret anymore.

    I am going to state a counterpoint purely from a technical stance (my stance on DRM is not pro- or anti- as I still have a lot to learn). It is possible for the key to remain a secret, even if it is in the hands of the consumer. Right now apps such as iTunes have it in software. You can generate keypairs and store keys in a medium analogous to that used in smart-cards, in the player hardware such that if it is ever tampered with to get the key, the key itself is destroyed. The hardware would probably be the sound-card or the speaker system if it is digital where the decoding of the compressed audio would take place. Yes this is not available now, but there's a good chance of such systems coming into operation.

    Also like somebody in the MPEG committee recently said, the job of such DRM systems is not to put off the super clever guy who can break the system anyway... most systems are breakable. The plan is to put off the average consumer who may drag himself/herself into investigating the use of copyrighted content illegally if software and tools are available to *easily* circumvent such content-distrbution-restriction systems.

    Right now, to crack iTunes songs using a software program is super-easy because of easy availability of easily-usable software. Hardware systems will likely be much harder to crack if implemented properly (every tried cracking an iButton?). The key-pair can be generated by the hardware in question and can be used only by that hardware and the user will have no access to the private key. Tampering with the hardware will destroy the key.

    Unlike cracking the firmware (example: DVD firmware is 'patched' before update to play multi-region DVDs) the device may require the firmeware to be cryptographically signed by the vendor before it accepts it, hence voiding the ability to tamper with it.

    Of course, we have a long way to go before such hardware is designed and adopted.

  • Same (Score:3, Insightful)

    by cubicledrone ( 681598 ) on Friday June 18, 2004 @08:44AM (#9461845)
    Articles like this one follow a familiar pattern:

    1) The history of copyright, complete with exhaustive descriptions of the piano roll and the Monarchy.

    2) A sob story about some poor honest member of the global audience who can't watch the latest Hollywood crap-fest because they don't have eight copies of it arranged so they are never more than 10 yards from at least two of them.

    3) Ringing, strident statements about how Anything can be copied(tm) do you hear me??!?! WELL, DO YOU??!?!?!?!?!!?!

    4) The argument then swerves into the ever-popular "in the future, the Internet will make copyright obsolete and artists will all live in a Utopian paradise where everything is free, free, free like the book they spent 4,000 hours writing which is at this very minute available on 4,000 warezzzzzzz sites for your convenience"

    5) This is usually followed by the standard "books are worthless, music is pointless, art is disposable, inspiration is a commodity" argument which offers the idea that because something can be cheaply copied, it has somehow become worthless.

    Throughout each of these discussions, there is always support for "well, we'll just copy it anyway" which is why this argument has long since lost even the remotest shred of credibility.

    There is only one question that needs to be answered. Is there any set of conditions under which the "copy every last fucking bit on Earth" people will just pay for the fucking movie/book/CD/whatever?
    • Re:Same (Score:4, Insightful)

      by hyphz ( 179185 ) * on Friday June 18, 2004 @09:25AM (#9462167)
      > Is there any set of conditions under which
      > the "copy every last fucking bit on Earth"
      > people will just pay for the fucking
      > movie/book/CD/whatever?

      Yes, the case where they respect the authors.

      Think about it. Most people don't steal stuff. Also, they don't copy stuff done by bands or people they have a personal connection to.

      The problem is that the whole industry is now geared towards giving customers a totally skewed perception. They are left with the opinion that a) creative artists have something unique called "talent", b) that this makes all of their work of creating art become easy, c) that they are special, distinct and superior from everyone else, d) that they never have to work hard, etc..

      You see that everywhere. Pop Idol, tour shows, glamour shoots, synapse sequences that don't show any work being done, "fun on the set" outtake tapes.. and it's all rubbish. Talent isn't proven to exist, and even if it is, there's no way of knowing in finite time that any person doesn't have it. Even talented people work hard to create art. Artists are pretty much like everyone else, and have problems of their own.

      But instead the industry is persisting in holding onto the glamour that they're super special stars. And then they're shocked when people's response is, "since they're super special, why apply conventional morality to them? Why worry about ripping off their work - they never had to work hard anyway?"

      And when laws get passed, they're shocked when people think "Well, those laws don't apply to US..." After all, you've taught them for the last 10 years that all the opportunities and rewards and advancement methods and skills that apply to creative artists don't apply to Joe Soap, so why should Joe Soap rush to embrace the negative side too?

      No. Enough. Start showing the truth. Nobody does anything in one take. Every piece of art has had huge amounts of pencil eraser pressure. Like your teacher used to say: show your working, it proves you're not cheating. And when your customers know you're not cheating, they won't cheat you back.

    • But you fail to attack the meaty arguments in the speech. Sure, it's stuff we've all seen before, but your reaction doesn't bear a whole lot of resemblence to the actual article.

      One point you fail to address is that competition and innovation are good, in the end, for the artists. When VHS machines came out, the MPAA screamed that it was the end of the universe and they were going to take their marbles and go home if congress didn't stop it. Well, lo and behold, an entire industry was created for renting

    • by SideshowBob ( 82333 ) on Friday June 18, 2004 @11:38AM (#9463436)
      The point of Doctorow's talk was that yes of course copying the bits is cheap and so people will do so. BUT in the past, faced with changing technology, the artists, authors, musicians, etc. have always found a way to adapt to the new environment and prosper even more than before. Today's artists are faced with the same challenge, and must not stick their heads in the sand and try to DRM away all the changes to the world and return to yesterday's status quo. We (society) may need to poke and prod them along a bit to get them to go down the right path.

      Here is how I see this playing out, take musicians: lets imagine a world where musicians realize that they don't need publishers anymore (at least, not old guard publishers); instead, they put their own copies of their studio recorded music out on the filesharing networks free for anyone to download. They make their living by doing a combination of other things a) live concerts INCLUDING streaming broadcasts on the internet b) limited runs of collector's editions a.k.a. box sets, artistic packages, etc. c) any number of new ways to do things that I can't imagine because they haven't been invented/popularized yet.

      Regarding A: yes anyone can rip the stream and make it available for download. But what you're attempting to do is to get society back into a mode where it appreciates live musical performances and values them accordingly. In other words, going back to the pre-piano player days. But this time you aren't limited to only being able to play in front of a roomful of people at a time. The challenge will be keeping the performances interesting and entertaining. Today's artists (Britney) aren't simply going to be able to take a road-show from city to city doing the exact same choreographed dance moves and expect people to tune in to broadcast after broadcast. Fortunately there are musicians out there that actually play music and know how to improvise. Hey I know its a crazy idea but there once was a time when people actually enjoyed music like jazz that by its very nature is changing.

      Regarding B: there is a market right now for art books. Books that tell a story but do so with a collage of words, pictures, and tactile experiences. These are generally expensive to produce, especially the ones with hand-made art. So the print run is limited. But that's a good thing. You can sell them for $100 or $200 to a limited audience of really enthusiastic fans. How about a box set of a new CD release from your favorite band that has hand copied liner notes, or maybe hand copies of the original sheets that the song was written on (scribbles and all), would you buy it? Maybe not, but I'm guessing there are fans that would.

      Regarding C: I don't have a magic crystal ball but I'm still confident that artists and musicians will come up with new and interesting ways to display their art to society and hopefully these new models will not be so dependent on owning a stranglehold on disseminating the actual bits. Just as player pianos begat pre-recorded publishing in the first place, the internet will beget new ways of disseminating art that we may not have thought of yet at this early stage of the game. The fellow (or gal) that comes up with this new scheme stands to make a pretty penny selling it to the artists.

      The entire premise of today's movie and music business is that you can make a fortune by controlling a stranglehold on dissemination. Well, that stranglehold has been loosened, time to find some other way. The stranglehold on distribution itself is a relatively modern happenstance, so this idea that its an artist's god given right to be paid handsomely for each note of his or her creation every time it gets played is a strange one, historically speaking. This evolution will require some effort on the part of the artists, but also some changes in society. Re-acquiring appreciation for live performances and musical improvisation and substance over style. Am I optimistic? Maybe overly so, time will tell.
  • by NigelJohnstone ( 242811 ) on Friday June 18, 2004 @08:51AM (#9461892)
    Microsoft wants a single encryption key as the secret.

    It wants that key protected inside the CPU.

    It wants OEM's to pre-register the computer with Microsoft and the key exchange will be done at that time to avoid man in the middle attacks.

    Your PC will have an encrypted channel, done via private key encryption between your CPU and Microsoft.

    So now all DRM keys for all encryption flow down this channel, direct into the CPU's store.

    You DON'T give the attacker the key in this instance, you give the COMPUTER the key. The COMPUTER works against the customer to protect the copyright holders wishes.

    It's still a breakable scheme , but the EFF guy didn't give them full credit for the scope of the scheme. Palladium & DRM are ONE AND THE SAME strategy.

    Without MS you can't send your DRM key securely, so any DRM seller has to be pay MS even if it doesn't use MS's DRM.

    I wonder though if governments will stand idly by and let Microsoft create a private encryption channel between everyone's computer and Microsoft.
    I strongly doubt it.

    • that sounds similar to the situation with WMP
    • by Alsee ( 515537 ) on Friday June 18, 2004 @03:20PM (#9465873) Homepage
      Microsoft wants a single encryption key as the secret.

      I'm not sure what you mean. At a minimum each application in NGSCB gets a different key. It uses a million different signing keys and encryption keys all over the place. You'll routinely have a file encrypted by a key, and that key encrypted by an other key, and that key encrypted by a chain of other keys encrypting each other. The same goes for signatures on signatures on signatures on signatures, a whole chain of signing keys.

      Each trust chip does have two master keys (different on every computer) - a PrivEK which is only used to decrypt or sign (never to encrypt), and a root storage key, but that key is only used to encrypt other keys.

      It wants that key protected inside the CPU.

      Well, they would eventually like to see the Trust chip (and it's two master keys) merged into the CPU. But for the time being they are satisfied with those keys locked inside the Trust chip.

      It wants OEM's to pre-register the computer with Microsoft and the key exchange will be done at that time to avoid man in the middle attacks.

      False. Trusted Computing does not function like that.

      The SRK is randomly generated when you get the computer home. No one, not even Microsoft can get at that key. YOU are especially forbidden to know your SRK.

      The other key, PrivEK, is generated or placed in the chip at manufacturing. No one can get at that key either, not Microsoft, and especially not you.

      The foundation of Trusted Computing is that you are forbidden to know your own keys. If you knew your keys then you could unlock anything on your computer. If you could do that, then THEY (meaning Microsoft, the RIAA, the MPAA, websites, whoever) then THEY cannot Trust your computer to do what THEY want it to do. THEY cannot trust your computer to enforce DRM against you. You could simply unlock everything and do what you want.

      They can't trust you, so they want to Trust your computer to control what you can and cannot do.

      That's why you are forbidden to know your own keys. Anyway, back to the keys...

      The PrivEK has a public half - the PubEK. They are a matched set, and they only work with each other. PubEK is not secret. You *are* allowed to know the PubEK. The PubEK key is signed by the manufacturer's key to prove it is a genuine chip key. The manufacturers key is only used to sign chip keys. The manufacturer's key is signed by the TrustedComputingGroups Master key to prove it is a genuine manufacturer's key. The TCG's Master key is only used to sign manufacturer's keys.

      So what happens is that you send your public PubEK off to Microsoft, or to a Certificate Authority, or whoever. You also send alond the manufacturer's signature, proving it is a real PubEK. You also send along the TCG's signature for the manufacturer's key, proving it is a real manufacturer signature.

      So someone gets all that and they know you sent a reak PubEK, and they know that PubEK matches up with a real PrivEK, and that real PrivEK's are only allowed to exist locked inside a chip, and that YOU are forbidden to know that key.

      Your PC will have an encrypted channel, done via private key encryption between your CPU and Microsoft.

      Sort of. Actually anyone that you give your PubEK to, as described above, can then get an encrypted channel to that chip. I will skip the details because it's even more confusing that what I explained above, lol.

      Anyway, that other person now knows that they are talking to your chip, and that YOU cannot understand, control, or alter that conversation. At this point your chip pretty much has total control of everything, and therefor whoever is talking to your chip sort of has ownership of your computer. It's real messy here. Technically that other person has no more control over your computer than you "voluntarily" granted them. On the other hand if you didn't grant them any and all control they demanded then nothing would be working at a
  • Poor logic (Score:2, Interesting)

    by sakusha ( 441986 )
    Cory's points don't stand up to even the slightest scrutiny. I'm appalled that he would attempt to explain how cryptography works in front of an audience at Microsoft that actually CODES crypto, considering how many fundamental errors he makes. But the kicker is his anecdotal evidence that there's no market demand for DRM. He whines about how he hit the 3 CPU limit of iTunes DRM, because he forgot to decertify one of his Powerbooks before he sent it back to Apple for repair, and that he already used up his
  • Apple has shown that DRM (like it or otherwise) CAN work.

    85m DRM'd songs sold.

    70% marketshare when (some) non-DRM alternatives are available.

    DRM is not strictly necessarily bad, it's just at the current state of play almost every implementation of DRM out there involves inconveniencing the user.

    When (if) this is fixed then DRM may shed slightly the synonymity with "evil".
    • I don't know if you RTFA or not, but it's worth reading about Cory's PowerBook problem near the end. Get through three different machines and all your iTunes are locked out, gone, adieu.

      iTunes is simply too new for the problem to have hit home to non-ubergeeks who don't buy a new laptop every 10 months. Yet.

  • Formats (Score:3, Insightful)

    by fulldecent ( 598482 ) * on Friday June 18, 2004 @09:08AM (#9462030) Homepage
    Remember this and remmeber it well:

    CD's aren't going out of style anytime soon

    Vinyl isn't going out of style any time soon.

    Customers have choices. And that isn't going out of style anytime soon

  • by skribble ( 98873 ) on Friday June 18, 2004 @09:20AM (#9462124) Homepage

    ...or at least misleading.

    You can de-authorize computers to play Apple Protected AAC's and thus authorize any different computer. So if you upgrade a computer you can de-authorize the old one and authorize the new one at no penalty.

    Other then that the article seems right on though.

  • Irony (Score:3, Informative)

    by lobsterGun ( 415085 ) on Friday June 18, 2004 @09:30AM (#9462204)
    Is it considered ironic when a posting under the heading of Communications uses the phrase, "He makes a great case for why DRM is bad for society, business, and artists, why it simply don't work, and why Microsoft (the audience for this talk) should not invest in it" ...pause...

    You don't see it???

    let me simplify

    "He makes a great case for why DRM...simply don't work... " ...pause... ...pause...

    Still don't see it?

    It should say, "He makes a great case for why DRM is bad for society, business, and artists, why it simply doesn't work" ...pause...

    no thats not all.

    When creating a list of items separated by commas, one should strive it insure that the items have similar meanings.

    Quoth the Grammar outlaw

    The grammar crime: Faulty parallelism distracts the reader and disturbs the flow of the writing.

    When two elements of a sentence are similar in meaning, you should express them in parallel form. In other words, all linked words should match in form.

    By using parallel structure, we both clarify the meaning of our writing, and add pleasing symmetry to it. Parallel structure joins and emphasises equally important ideas.

    The list above contains the structures :
    - society
    - business
    - artists
    - why it simply don't work
    - why Microsoft (the audience for this talk) should not invest in it

    There is no "pleasing symmetry" amongst those ideas when expressed in that form. ...pause...

    what you say? ...pause...

    No this isn't minutia. This is important. Mr. VerdeRana want us to go and spread this messaage far and wide. If we were to spread the above message we'd come off looking like buffoons.

    English: It's not just a good idea, it's a language.
  • by silvaran ( 214334 ) on Friday June 18, 2004 @09:39AM (#9462293)
    Broadcast this far and wide, and maybe someone will listen.

    I did, but because of my DRM, no one can hear it.
  • by Darth Cider ( 320236 ) on Friday June 18, 2004 @09:48AM (#9462383)
    Three days ago I was modded down [] to Troll simply for posting this list of Miscrosoft's DRM subscribers. The topic was convergence, how devices are all going to work together, so it seemed important to point out that MS DRM is already widely adopted.

    Supporters of Microsoft DRM [] .

    * Content companies America Online Inc., The Disney Co. and OD2
    * Service providers CinemaNow Inc., Movielink LLC, MusicNow LLC, Napster LLC, VirginMega France and Yacast
    * Consumer electronic device manufacturers Archos SA, Creative, Dell Inc., Digital 5 Inc., iRiver International, PRISMIQ Inc., PURE Digital, Rio, Samsung Electronics Company Ltd., SimpleDevices Inc. and 2Wire Inc.
    * Chip makers BridgeCo AG, Equator Technologies Inc., Imagination Technologies, Micronas, Motorola Inc., Sigma Designs Inc. and SigmaTel Inc.
    * HP []
  • unfortunately... (Score:4, Informative)

    by matticus ( 93537 ) on Friday June 18, 2004 @09:55AM (#9462434) Homepage
    He got the part about Jon Johansen all wrong. He made it sound like he was trying to defeat region coding by making region coding sound even worse than it is. Jon wasn't trying to defeat region coding. He was trying to defeat CSS, an entirely different beast altogether. Region encoding ensures you only play DVDs from your region, CSS ensures only licensed players can play DVDs regardless of region. I don't like to see misinformation propagated during the "winning people to our cause" phase...Incidentally, Norway and France share a region code.

    /has a region-free dvd player bought legally

    • well amazingly enough, he put the entire text of his article up there into the public domain so you can easily correct it and post a correct version. I'm sure he would also welcome corrections being submitted from his readers as well, as he gets other stuff of his proofread by his reading public.
  • by Knight2K ( 102749 ) on Friday June 18, 2004 @10:12AM (#9462588) Homepage
    Last weekend I went to the Fanzilla Fan Film Convention [] to see the absolutely brilliant Raiders of the Lost Ark: The Adaptation. For anyone who doesn't know, this movie was the work of three junior high kids back in the 1980's, that were so moved by seeing the actual film, that they decided to remake it shot-for-shot.

    At the screening, they informed us that security guards would be monitoring the audience to make sure none of us were taping the film to distribute it across the net, since it is a reproduction of the original film. As I was watching the grainy film of a 13 year old adventurer mock fighting 13 year olds wearing turbins in the streets of Gulfport, MS, a security guard walked up the aisle scanning with a night vision scope to make sure nobody had any naughty cameras.

    The whole situation just seemed so ludicrous. Nobody was going to mistake this film for the actual Raiders. The point of watching this film was not to be entertained by the movie's plot (though it does hold up well in the re-telling), but in seeing how these kids with limited resources managed to pull off outrageous stunts and ingeniuously improvise set pieces to make a film that actually held together.

    They succeeded bigger and better than you would think. But Industrial Light and Magic doesn't have to worry about their jobs. I still bought the Indiana Jones Trilogy DVD set. In fact, I watched the real Raiders that night when I got home because the kids did such a good job that I felt like seeing the original.

    That fan film may not be creative in the sense of creating a new work from whole cloth. But it was extremely creative in execution, and inspired a few of the kids involved to become a part of the movie business. Ironically, one of them works for a DVD production house.

    I wish more people could see this film; it is truly inspirational. I felt like running out and making my own movie. Why can't it be out there on the 'Net if nobody is going to make money from it? Would it really cut into LucasFilm's profits if someone did make some money on it?

    One of the producers of the film introduced it at the festival and said that they occasionally show it for educational purposes. What kind of message does it send to show kids this film, and then tell them that there are these bizarre boundaries on their creativity? Do they send security to those screenings? I've heard a lot of complaints on this site and others that kids don't do these kinds of ambitious projects anymore. Why do you think that is?
  • by Anonymous Writer ( 746272 ) on Friday June 18, 2004 @10:14AM (#9462614)

    His article is impeccably, thorough, and articulate. The research and timeline used to explain his points were... well... I can't even fucking come close to writing like that which is obvious at the moment. Like the story submitter said, it was fantastic. He clearly points out the problem with great detail. However, he doesn't propose a solution.

    When the World Wide Web was introduced, it seemed like a godsend; now books would be published electronically, libraries could be digitised, and anyone anywhere in the world would be able to search through them and read anything. Yet that isn't how things have panned out, even after years of its existence. The Internet has become an indispensable research tool, but it turned out to be something very different from a library. Information comes in bits and pieces, squeezed within a clutter of navigational panes and advertisements. Web pages have the flashy, disorienting visual effect of grocery shelves. It never turned out to be the coherent electronic medium for publishing that it was meant to.

    The way corporations are implementing DRM does not address this issue by design. DRM is meant to secure profit for corporations, while constraining the potential of technology to fit in an antiquated business model. Yes, authors, musicians, film-makers, and everyone involved in creating forms of media must make a living. Yet the internet must also be allowed to reach its full potential in allowing people to access their works. There must be a way of allowing both to happen.

    • He does propose a solution: Microsoft should a) grow a pair of balls, and b) tell the RIAA to fuck off. Building a "record player that can play anything" (his phrase) is the first step.

      The problem is Microsoft sees DRM not just as a way to protect music and video; it's a way to protect Microsoft software. This is Microsoft's real motivation and, unfortunately, the reason this won't just go away soon.

  • They don't care! (Score:3, Insightful)

    by yoshi_mon ( 172895 ) on Friday June 18, 2004 @10:27AM (#9462749)
    There is no market demand for this "feature." None of your customers want you to make expensive modifications to your products that make backing up and restoring even harder. And there is no moment when your customers will be less forgiving than the moment that they are recovering from catastrophic technology failures.

    They know this and they don't care. They are going to, once again, leverage their monopoly to try and change the market.

    And sadly, even if their customers are so unforgiving it is a long strech to see joe-sixpack and sally-homemaker deciding to break with everything they know and install Linux or makeing a whole new investment in a Mac.

    At the end of the day they will grumble and bitch but swallow that bitter pill and reinstall Windows and deal. MS knows this and so does its partners.
  • by Anonymous Writer ( 746272 ) on Friday June 18, 2004 @10:38AM (#9462875)

    He makes a great case for why DRM is bad for society, business, and artists, why it simply don't work, and why Microsoft (the audience for this talk) should not invest in it.

    He's going to talk to Microsoft about this? He might as well go talk to a wall.

  • DRM Observations (Score:5, Insightful)

    by glenstar ( 569572 ) on Friday June 18, 2004 @10:47AM (#9462954)
    DRM is a ridiculous response to a ridiculous problem. The problem being, how do you protect a copyrighted work from flowing freely amongst Internet users? And, before you say that music/data/software/etc... wants to be free, understand that under current copyright law, copyright holders must make a "reasonable effort" to protect their copyrights to receive protection. Is it a reasonable attempt at protection to put out a product that anyone can copy and distribute freely? No. Is it fair to the consumer to severely limit their use of the copyrighted material after purchase? No. Hence, we have a bit of a conundrum.

    What iTunes, et al, do with DRM is actually very lenient in light of what the 5 majors want (and are actively seeking). They have appeased the RIAA and brethren by perpetuating the illusion that digital material can be fully protected. In reality, all that these DRM schemes have done is place a bump in the road... and a pretty insignificant bump at that. However, that is the price that they (as retailer) must pay to allow major label content to you (the consumer).

    There is a bit of a solution though. Companies like mine [], AudioLunchbox [www.audiolunchbox], Magnatune [], and a few others, are skirting the entire DRM issue by offering indie and quasi-major label material (eg, a compilation put out by an indie that contains tracks by major label artists).

    As time goes on, I sincerely believe that DRM will become *less* of an issue, as the majors begin to realize that while they need to aggressively protect their copyrights, they also need to make sales to the consumer. In the interim, please support those of us who are working to bring you quality music unfettered by DRM.

  • by Catiline ( 186878 ) <> on Friday June 18, 2004 @11:38AM (#9463437) Homepage Journal
    My prime -- and perhaps only -- complaint with Destructive Rights Manglement is that the media companies want to use it as a catch-all regieme, not for the few places where it would be most effective.

    The music and movie studios rant and rave about how piracy is their target with this whole DRM push. Fine -- DRM the movie reels, the review disks, the portions of the chain that are never held by a paying customer, the portions that have in fact have been repeatedly shown to be the source for piracy, and drop those restrictions at the end of the supply chain.

    DRM your business lines boys, not the end product. That way we know you're fighting the pirates -- after all, if you only DRM the end product, somebody might get the mistaken idea you're fighting the customer!
  • by Ugmo ( 36922 ) on Friday June 18, 2004 @12:21PM (#9463810)
    What I got from this article is that throughout history people who try to make money from the old media try to fight people who try to make money from the new media. Artists make only a small amount of money from either. The only advantage the artist has is that the new media plays to a larger audience and the artist, because he gets a smaller slice from a larger pie tend to do OK. The media companies, old and new do OK also but that's besides the point...

    The lawyers always get paid.

    They get paid by the old companies to fight the new companies and they get paid by the new companies to defend against the old companies and they get paid by the artists to make sure they get their cut.

    History teaches us that it doesn't pay to be a creative artist, inventor or even business man.

    Kids, be a lawyer and get all the others coming and going. :)
  • by perlchild ( 582235 ) on Friday June 18, 2004 @03:51PM (#9466290)
    RIAA: I own the content but you may use it
    User: If I pay you I own my copy, that's not negotiable.
    RIAA: Ownership is not something we're willing to give you.
    User: Well my money is not something I'm willing to give you, let's see how much content you can produce without an audience.
    RIAA: Government, User is using unfair negotiating tactics.
    User: Unfair? BAH! You're paid to encourage you to produce content. It's not a need, it's a want, but you need MY money. You will give me what I want, or you will get no money.
    Government: IANAL but I will ask counsel.
    Counsel: User is quoting straight from the history of copyright, the law says he's right, until we can change the law, no matter how much RIAA pays.

    DRM negotiation in a perfect world, except if you're the RIAA

You will never amount to much. -- Munich Schoolmaster, to Albert Einstein, age 10