Revision as of 23:14, 25 August 2003 view sourceWw (talk | contribs)9,812 editsmNo edit summary← Previous edit | Revision as of 00:55, 1 September 2003 view source Camembert (talk | contribs)Extended confirmed users18,991 editsm h3 -> h2Next edit → | ||
Line 9: | Line 9: | ||
An early example of a DRM system is the ] (CSS) employed by the ] on movie ] disks. The data on the DVD is ] so that it can only be decoded and viewed using an ], which the DVD Consortium kept secret. In order to gain access to the key, a DVD player manufacturer would have to sign a licence agreement with the DVD Consortium which restricted them from including certain features in their players such as a digital output which could be used to extract a high-quality digital copy of the movie. Since the only hardware capable of decoding the movie was controlled by the DVD Consortium in this way, they were able to impose whatever restrictions they chose on the playback of such movies. See also ] for a more draconian and less commercially successful variation which is no longer marketed. The name is also used (]), in ironic tribute to the defunct disk 'protection' scheme, for a ] ], akin to ]. | An early example of a DRM system is the ] (CSS) employed by the ] on movie ] disks. The data on the DVD is ] so that it can only be decoded and viewed using an ], which the DVD Consortium kept secret. In order to gain access to the key, a DVD player manufacturer would have to sign a licence agreement with the DVD Consortium which restricted them from including certain features in their players such as a digital output which could be used to extract a high-quality digital copy of the movie. Since the only hardware capable of decoding the movie was controlled by the DVD Consortium in this way, they were able to impose whatever restrictions they chose on the playback of such movies. See also ] for a more draconian and less commercially successful variation which is no longer marketed. The name is also used (]), in ironic tribute to the defunct disk 'protection' scheme, for a ] ], akin to ]. | ||
==Digital Millennium Copyright Act== | |||
The ] was passed in the ] in an effort to make the circumvention of such systems illegal. It has been widely imitated elsewhere by other governments. Despite this law, which has received substantial opposition on constitutional grounds, it is still relatively easy to find DVD players which bypass the limitations the DVD Consortium sought to impose. It would seem that every such use of those machines is a violation of the DMCA and so a felony. The cryptographic keys themselves have been discovered and widely disseminated (see ]). There has been a arrest and arraignment for violation of the DMCA of a Russian programmar, Dimitri Skylarov, who did the work cited for his employer, Elcomsoft, while in Russia, where it was and remains entirely legal. He was arrested on a visit to the US, and spent several months in jail until a compromise was reached. criminal See Professor ]'s freedom-to-tinker Web site for some observations on the DCMA, its proposed successors, and their consequences, intended and unintended hilarious. | The ] was passed in the ] in an effort to make the circumvention of such systems illegal. It has been widely imitated elsewhere by other governments. Despite this law, which has received substantial opposition on constitutional grounds, it is still relatively easy to find DVD players which bypass the limitations the DVD Consortium sought to impose. It would seem that every such use of those machines is a violation of the DMCA and so a felony. The cryptographic keys themselves have been discovered and widely disseminated (see ]). There has been a arrest and arraignment for violation of the DMCA of a Russian programmar, Dimitri Skylarov, who did the work cited for his employer, Elcomsoft, while in Russia, where it was and remains entirely legal. He was arrested on a visit to the US, and spent several months in jail until a compromise was reached. criminal See Professor ]'s freedom-to-tinker Web site for some observations on the DCMA, its proposed successors, and their consequences, intended and unintended hilarious. | ||
Line 17: | Line 17: | ||
Opponents of DRM, as currently envisioned and implemented, note that by delegating computer access (or control of the ability to execute some programs, or to execute programs only with certain data) to third parties, there is a very considerable risk of problems well beyond any control of intellectual property rights issues. For instance, due to a bug (or misdesign, or misadministration of an otherwise 'reasonable' design) the protecting code implementing the local part of a DRM scheme may prevent a computer user from using his computer at all, or from using programs (or using data as an input to a program) when such use is actually completely legitimate and not a violation of any copyright holders' rights. Or, for another instance, a legitimately purchased copy of <a DVD containing a book or a movie, or a software program, or ...> might be blocked because it is being used on equipment which doesn't include the DRM function permitting access to it. Currently, DVDs legally purchased in some places are not playable in other places for exactly these reasons, although in this case it is marketing considerations and not 'security' which is the reason for the restriction. ]s, software implementing security protocols, and ] have historically proven extremely difficult to design without vulnerabilities due to ] or design mistakes. This has been true of designs from experienced and well respected professionals. <!--It is essentially universally true of designs by the amateur crypto / security enthusiasts. --> | Opponents of DRM, as currently envisioned and implemented, note that by delegating computer access (or control of the ability to execute some programs, or to execute programs only with certain data) to third parties, there is a very considerable risk of problems well beyond any control of intellectual property rights issues. For instance, due to a bug (or misdesign, or misadministration of an otherwise 'reasonable' design) the protecting code implementing the local part of a DRM scheme may prevent a computer user from using his computer at all, or from using programs (or using data as an input to a program) when such use is actually completely legitimate and not a violation of any copyright holders' rights. Or, for another instance, a legitimately purchased copy of <a DVD containing a book or a movie, or a software program, or ...> might be blocked because it is being used on equipment which doesn't include the DRM function permitting access to it. Currently, DVDs legally purchased in some places are not playable in other places for exactly these reasons, although in this case it is marketing considerations and not 'security' which is the reason for the restriction. ]s, software implementing security protocols, and ] have historically proven extremely difficult to design without vulnerabilities due to ] or design mistakes. This has been true of designs from experienced and well respected professionals. <!--It is essentially universally true of designs by the amateur crypto / security enthusiasts. --> | ||
==DRM advocates== | |||
Some DRM advocates have suggested (and some legislation has actually been introduced to authorize) that copyright owners be given the ability to remotely delete information from others' computers when, in the view of the copyright holder (or more accurately the copyright holder's software), it is not being legitimately held. The prospect of a bug or maldesign in the software implementing any such scheme is more than a little disturbing to many. They point out that we have demonstrated (by frequent and long extant virus infestations, by system software security errors, by misconfiguration of software of all kinds, and by software failure -- both system and application) that we don't currently know how to design software that does something specific just as intended and nothing else. How much less likely are we likely to get right software which must do something quite dangerous (ie, file or program deletion, interfereing with system operation to prevent copyright infringement) in only somewhat foreseeable circumstances? Pattern recognition software is not yet fully capable of even distinguishing the predictable (ie, has this <fingerprint, iris pattern, retinal pattern, face, ...> been seen before? It does not seem likely that any system we can currently design and implement it will be able to reliably distinguish between <this class of data> and others, perhaps including not yet existing documents, parodies, samplings, and so on, especially when the legitimacy of possession or use depends entirely on outside_the_computer facts such as purchaser, terms of purchase, details of license contracts applicable to this particular copy of the <whatever> and this particular situation, and so on. | Some DRM advocates have suggested (and some legislation has actually been introduced to authorize) that copyright owners be given the ability to remotely delete information from others' computers when, in the view of the copyright holder (or more accurately the copyright holder's software), it is not being legitimately held. The prospect of a bug or maldesign in the software implementing any such scheme is more than a little disturbing to many. They point out that we have demonstrated (by frequent and long extant virus infestations, by system software security errors, by misconfiguration of software of all kinds, and by software failure -- both system and application) that we don't currently know how to design software that does something specific just as intended and nothing else. How much less likely are we likely to get right software which must do something quite dangerous (ie, file or program deletion, interfereing with system operation to prevent copyright infringement) in only somewhat foreseeable circumstances? Pattern recognition software is not yet fully capable of even distinguishing the predictable (ie, has this <fingerprint, iris pattern, retinal pattern, face, ...> been seen before? It does not seem likely that any system we can currently design and implement it will be able to reliably distinguish between <this class of data> and others, perhaps including not yet existing documents, parodies, samplings, and so on, especially when the legitimacy of possession or use depends entirely on outside_the_computer facts such as purchaser, terms of purchase, details of license contracts applicable to this particular copy of the <whatever> and this particular situation, and so on. |
Revision as of 00:55, 1 September 2003
Digital rights management or digital restrictions management, commonly abbreviated DRM, is an umbrella term for any of several arrangements by which the usage of copyrighted data by someone who has purchased a copy of it may be restricted by the copyright holder. Some would like to use DRM mechanisms to protect trade secrets and proprietary information as well. This latter proposal will raise profound questions in actual practice: claims that this or that is proprietary or a trade secret will be much harder to judge, keep resonable, or prevent misuse of than any claim of copyright. Copyright status, enforceable at law, is granted by government enactment and is regulated, more or less closely. Claims of proprietary or trade secret status are not; such violations are thefts, but the information made available is available to all. The DRM protected context is most commonly digital (ie, as in a computer or computerized device), hence the 'digital' in DRM; the reason is that the cryptography techniques used and proposed are not directly applicable to analog information. As well, they cannot be used at all in an analog context since they require absolute precision available only in digital equipment.
In contrast to existing legal restrictions which copyrighted status imposes on the owner of a copy of any such data, most DRM schemes would allow, and even enforce in some cases, additional restrictions to be imposed solely at the discretion of the copyright holder, through hardware and software whose actions are under the copyright holder's control. In the extreme, such control is proposed within other's computers and computerized devices as a 'part' of the operating system. The Trusted Computing Platform Architecture scheme proposed by the Trusted Computing Platform Alliance is an example, as is the Palladium scheme proposed by Microsoft for its future operating systems. (See Professor Ross J Anderson's TCPA / Palladium FAQ for more information on both).
Several laws relating to DRM have been proposed or already enacted in various jurisidictions (State, Federal, non-US). Some of them will require _all_ computer systems to have mechanisms controlling the use of digital media. (See Professor Edward Felten's freedom-to-tinker Web site for information and pointers to the curretn debate on these matters).
An early example of a DRM system is the Content Scrambling System (CSS) employed by the DVD Consortium on movie DVD disks. The data on the DVD is encrypted so that it can only be decoded and viewed using an encryption key, which the DVD Consortium kept secret. In order to gain access to the key, a DVD player manufacturer would have to sign a licence agreement with the DVD Consortium which restricted them from including certain features in their players such as a digital output which could be used to extract a high-quality digital copy of the movie. Since the only hardware capable of decoding the movie was controlled by the DVD Consortium in this way, they were able to impose whatever restrictions they chose on the playback of such movies. See also DIVX for a more draconian and less commercially successful variation which is no longer marketed. The name is also used (DivX), in ironic tribute to the defunct disk 'protection' scheme, for a video compression protocol, akin to MPEG-4.
Digital Millennium Copyright Act
The Digital Millennium Copyright Act was passed in the United States in an effort to make the circumvention of such systems illegal. It has been widely imitated elsewhere by other governments. Despite this law, which has received substantial opposition on constitutional grounds, it is still relatively easy to find DVD players which bypass the limitations the DVD Consortium sought to impose. It would seem that every such use of those machines is a violation of the DMCA and so a felony. The cryptographic keys themselves have been discovered and widely disseminated (see DeCSS). There has been a arrest and arraignment for violation of the DMCA of a Russian programmar, Dimitri Skylarov, who did the work cited for his employer, Elcomsoft, while in Russia, where it was and remains entirely legal. He was arrested on a visit to the US, and spent several months in jail until a compromise was reached. criminal See Professor Edward Felton's freedom-to-tinker Web site for some observations on the DCMA, its proposed successors, and their consequences, intended and unintended hilarious.
New DRM initiatives have been proposed in recent years which could prove more difficult to circumvent, including copy-prevention codes embedded in broadcast HDTV signals and the Palladium operating system. A wide variety of DRM systems have also been employed to restrict access to eBooks. See the TCPA/Palladium FAQ maintained by Professor Ross J. Anderson for a clear discussion of two prominent proposals.
Opponents of DRM, as currently envisioned and implemented, note that by delegating computer access (or control of the ability to execute some programs, or to execute programs only with certain data) to third parties, there is a very considerable risk of problems well beyond any control of intellectual property rights issues. For instance, due to a bug (or misdesign, or misadministration of an otherwise 'reasonable' design) the protecting code implementing the local part of a DRM scheme may prevent a computer user from using his computer at all, or from using programs (or using data as an input to a program) when such use is actually completely legitimate and not a violation of any copyright holders' rights. Or, for another instance, a legitimately purchased copy of <a DVD containing a book or a movie, or a software program, or ...> might be blocked because it is being used on equipment which doesn't include the DRM function permitting access to it. Currently, DVDs legally purchased in some places are not playable in other places for exactly these reasons, although in this case it is marketing considerations and not 'security' which is the reason for the restriction. Security protocols, software implementing security protocols, and cryptography have historically proven extremely difficult to design without vulnerabilities due to bugs or design mistakes. This has been true of designs from experienced and well respected professionals.
DRM advocates
Some DRM advocates have suggested (and some legislation has actually been introduced to authorize) that copyright owners be given the ability to remotely delete information from others' computers when, in the view of the copyright holder (or more accurately the copyright holder's software), it is not being legitimately held. The prospect of a bug or maldesign in the software implementing any such scheme is more than a little disturbing to many. They point out that we have demonstrated (by frequent and long extant virus infestations, by system software security errors, by misconfiguration of software of all kinds, and by software failure -- both system and application) that we don't currently know how to design software that does something specific just as intended and nothing else. How much less likely are we likely to get right software which must do something quite dangerous (ie, file or program deletion, interfereing with system operation to prevent copyright infringement) in only somewhat foreseeable circumstances? Pattern recognition software is not yet fully capable of even distinguishing the predictable (ie, has this <fingerprint, iris pattern, retinal pattern, face, ...> been seen before? It does not seem likely that any system we can currently design and implement it will be able to reliably distinguish between <this class of data> and others, perhaps including not yet existing documents, parodies, samplings, and so on, especially when the legitimacy of possession or use depends entirely on outside_the_computer facts such as purchaser, terms of purchase, details of license contracts applicable to this particular copy of the <whatever> and this particular situation, and so on.
DRM advocates have taken the position, in essence, that DRM / security / cryptography design goals and operatinoal contexts are sufficiently well understood, and software engineering is also sufficiently well practiced, that it is possible to achieve the desired ends without causing unrelated problems for users, their computers, or those who depend on either.
Thus far, neither side has compelled the other to agree, though there has been much heat and little enlightenment. Legislation to impose, by force majure, a DRM 'solution' on all is under consideration in many jurisdictions. Some has already been enacted. DRM advocates are still having no little difficulty explaining why DRM software is more likely to be done right than software for
- NASA Mars landers (confusion between metric and British units by the programmer of a small part of the software assocatied with the lander),
- Ariane rockets (software for an earlier version was reused without realizing that what had been an error condition would not be in the version),
- frequently security flaws in widely distributed software from very large software companies (a relatively recent statement of commitment to security by the Chariman of one such company has been followed by yet more such breaches), and even
- assembly line robots (welders, painters, assemblers) who have killed several persons so far (though in each case it has been argued that it was the unanticipated actions of the person, not bad programming, which lead to death).
All of these examples are of systems whose designers and implementors were highly motivated to get right, and had very substantial resources available to do so. Less intensively engineered software is more, rather than less, likely to have roblems.
An early example of a DRM scheme is that currently protecting textbooks required in some US Dental Schools. The textbooks are available only on CD, and are readable in a computer only for a limited time, after which the CD 'expires' and the information in the 'book' is lost. Some of these books are not available on paper at all. Those who still have their college or graduate school texts might find this quite surprising. Dental students whose textbooks have evaporated may be expected to be somewhat different as dentists than their predecessors whose instructional materials were less evanescent.
Examples of existing "digital rights management" and "copy protection" systems:
DRM and document restriction technology
Opponents of DRM have noted that the proposed use of some DRM schemes to restrict the ability to copy and distribute documents can be used by criminals as a means of preventing enforcement of laws against fraud and other wrongdoing. Since DRM is unlikely to be so used by individual criminals, only corporate skullduggery is likely to be concealed this way.
See also: copy protection