4 Microsoft Engineers Predicted DRM Would Fail 10 Years Ago 142
An anonymous reader writes "Ars is running an article about a paper written just over a decade ago by four engineers at Microsoft. In it, they talk about the darknet, and how it applies to distributing content online. They correctly predicted the uselessness of DRM: 'In the presence of an infinitely efficient darknet — which allows instantaneous transmission of objects to all interested users — even sophisticated DRM systems are inherently ineffective.' The paper's lead author, Peter Biddle, said he almost got fired over the paper at the time. 'Biddle tried to get buy-in from senior Microsoft executives prior to releasing the paper. But he says they didn't really understand the paper's implications — and particularly how it could strain relationships with content companies — until after it was released. Once the paper was released, Microsoft's got stuck in bureaucratic paralysis. Redmond neither repudiated Biddle's paper nor allowed him to publicly defend it.' The paper itself is available in .DOC format."
Re:DRM is not useless (Score:4, Informative)
Actually AZW has long been cracked. It was initially done to create DRM-free copies that Amazon could not revoke (remember the incident with 1984?). Of course, there are those who use it to share ebooks without permission to do so. There is even a plugin that integrates into Calibre to strip DRM out of your books,
Re:HDCP is still here (Score:2, Informative)
http://dictionary.reference.com/browse/sarcasm [reference.com]
Re:The money quote (Score:5, Informative)
The fundamental misconception of the paper(which, as you note, Apple was first to demonstrate in a broad and serious way) is that DRM is about controlling exfiltration rather than controlling playback.
Yeah, obviously, even the people who design PAL hardware for thermonuclear warheads are going to have a difficult time designing DRM systems that will resist prolonged physical access by a sophisticated attacker. If they have to build such systems on a consumer electronics budget, forget about it.
However the 'break once, play everywhere' DRM defeat model implicitly assumes that computers will be 'default allow' devices. That, unless a given object is specifically encrypted/crippled/otherwise fucked with, they will happily do their best to work with what they are given.
This simply isn't true. Market forces have prevented going 'default deny' in certain highly competitive sectors(eg. nobody selling cheap DVD players can get away with selling DVD players that play only CSS-encrypted disks) and for certain legacy formats(it isn't really an 'mp3 player' if it doesn't play mp3s...); but it is increasingly the case that more sophisticated devices are 'default deny'.
None of today's consoles will boot an unsigned binary, even one otherwise compatible with their environment without modification to the system(sometimes a software crack, some are known only to possess hardware vulnerabilities requiring physical modification). The iDevices of the world will reject any .ipa executable package that isn't DRM-encumbered. You can strip off the "fairplay" all you like; but unless you have a jailbroken device or access to a trusted signing key, you aren't going to be running it... Microsoft's "Windows RT" will be the same thing for Windows style executables.
If anything, what the MS guys demonstrated is that (because of the 'darknet' consideration) 'Trusted Computing' as DRM is doomed to failure and its only real function is trusted computing as control.
Re:The money quote (Score:4, Informative)
I agree in general. However, for what it's worth, Windows RT can both sideload apps (they have to be signed by *somebody*, but the certificate can and often will be from an "untrusted" source) and execute unsigned desktop apps if they run in the app sandbox. The first is an official feature, intended for use either by developers or for internal (company, etc.) apps. The second is completely unofficial, but it works; "Metro-style" apps (which run in a sandbox) aren't supposed to be able to invoke arbitrary .EXEs. Somebody has figured out how to do it though, and it turns out that so long as the target EXE is within the sandbox's accessible portion of the filesystem and doesn't need to access anything outside of the sandbox, it works fine even if completely unsigned. Of course, it still needs to be recompiled for ARM, so no running arbitrary legacy programs yet unless you have the source code and build tools, but it works.
The question will be how MS responds to this. It's arguably completely safe to leave in place; even if somebody goes to the trouble to create malware that will run in this environment, the environment itself will keep it constrained. A sideloaded or store app could literally do just as much damage. If anything really malicious does pop up, they can add its definition to Defender. On the other hand... it's possible that they'll try and take a "you just *thought* it was your device" approach and block people from even doing that much. After all, given the need to recompile, you could argue that legacy malware wouldn't run anyhow, so there was no need to forbid third-party desktop apps in the first place. In any case, time will tell. Meanwhile, there's already work on other ways of unlocking Windows RT.
Overall, a very insightful post, and I almost modded it as such (hopefully somebody else will) but wanted to respond.
Re:DRM is not useless (Score:3, Informative)
There is a python script that works (need your kindle serial number).
Or you can use Kindle.DRM.Removal.v4.2.1.247-Lz0 (Basically a crappy gui to the same script).
Re:The money quote (Score:4, Informative)
The iDevices of the world will reject any .ipa executable package that isn't DRM-encumbered. You can strip off the "fairplay" all you like; but unless you have a jailbroken device or access to a trusted signing key, you aren't going to be running it...
That's not strictly true. Apple allows one to load "entitlements" on a device which can pair the device with your own signing key, and away from the appstore review process and DRM.
Sure, they have to generate the entitlement. But for $200 they'll generate you an entitlement that can be loaded on as many devices as you want (aimed at enterprise.)