A rant on Digital Rights Management
Results 1 to 7 of 7

Thread: A rant on Digital Rights Management

  1. #1
    AO Curmudgeon rcgreen's Avatar
    Join Date
    Nov 2001
    Posts
    2,716

    A rant on Digital Rights Management

    Mention Digital Rights Management
    http://en.wikipedia.org/wiki/Digital_rights_management

    and I go bug eyed with paranoia.
    Why is it that no one else seems to see it as an all-encompassing
    conspiracy to overthrow all that is good in human civilization
    and and enslave us to evil brain-eating cockroaches?

    Security is a balancing act.

    We all know that computer security is a continuum, with bad choices
    at either end of the scale, but have we stopped to think about the
    fact that this continuum is just a mirror of the same reality we
    face when we consider personal or National security?

    Tech people can be very inconsistent between their views on tech
    subjects and their views on social or political realities, but
    these two worlds are really analogies of one another.
    You might be a real "computer security nazi", but a libertarian
    in "real life". Why?

    What is at stake?

    Before you can even think intelligently on computer security,
    you need to define what it is that you are attempting
    to protect. And this is where your political and social
    presuppositions
    http://mywebpages.comcast.net/webpages54/ap/presup.html

    will silently determine the outcome
    of your thought processes, before you have even begun.
    Nowhere is this more true than in the emotional and polarized
    debate over Intellectual Property.
    http://www.wipo.int/about-ip/en/

    Whose rights?

    If I have made the assumption that I rightfully own a piece of
    property, all of my strategies for protecting it will flow
    from that assumption. If my computer belongs to me, then I insist
    on having control over the software it runs, the content displayed
    on the screen, who can write to my hard drive. I may delegate
    these rights to those I trust, and I may deny it unconditionally
    to all others. It is my computer.
    http://www.gnu.org/philosophy/free-sw.html

    Whose computer is it?

    Maybe it really isn't my computer at all. Once upon a time
    not so very long ago there were no personal computers. A business
    would own a powerful computer with a multi tasking multi user
    operating system. They could then connect numerous dumb
    terminals
    to this machine so that people could log on and
    work. Since the company owned the computer, it, or its appointed
    sysadmin decided what rights could be safely delegated to
    users.
    http://www.itsecurity.com/dictionary/leastpriv.htm

    Users were digital peons, working on the master's
    plantation.

    The microprocessor revolution.

    The availability of cheap microprocessors shattered, at least
    temporarily, the digital paradise of centrally controlled
    computing. People bought desktop computers and discovered the
    joys of learning to write their own software. They were
    empowered. They experienced the feeling of ownership,
    responsibility, and rights. Bad news for the advocates
    of an authoritarian concept of computing.

    A gray area

    Having one's own computer probably felt pretty good at first,
    but people became bored and discontented with the underpowered
    early PCs, and no doubt were thrilled when they became
    powerful enough to run networking software, and able to connect
    to the fast growing internet. But now, going from a free-standing
    personal computer to a participating host on a network,
    you enter a gray area, a twilight zone between the totally
    decentralized, fragmented world of individual PCs, and the
    authoritarian world of mainframe and dumb terminal.
    http://www.conroe.isd.tenet.edu/poli...u/can_use.html

    Rival Computing Models = Rival Security Models

    It should be no surprise that people are arguing radically
    different philosophies of computer security. Their underlying
    philosophies of computing make this inevitable.
    The decentralized model of security says that "It's your
    computer", therefore security is your own responsibility.
    This philosophy favors firewalls, Anti-virus software,
    Spam filters, and other user-initiated and user-maintained
    measures to mitigate, but never eliminate security threats.
    The centralized model advocates comprehensive and
    systemic measures, built into the fundamental design
    of the net, its protocols, and even the very hardware,
    to make security threats impossible.
    http://www.extremetech.com/article2/...,264904,00.asp

    Cyberspace and Ordinary Space.

    If you suspect that I'm about to make an analogy between
    the digital world and the "real" world, you are correct.
    The very same arguments about security are raging about our
    physical security. One group says that conventional
    and traditional security measures are adequate. Local law
    enforcement is seen as adequate to deal with crime.
    Normal and lawfully mobilized armies can defend nations.
    Traditional diplomacy. Civil liberties. Constitutional
    safeguards.
    The other camp, again, wants a radical and comprehensive
    solution, a "new world order", some kind of systemic
    redesign that will make security threats impossible.
    http://www.truthresources.org/a_nwo.htm

    Utopia is Hell.

    But before we can talk intelligently about security threats,
    we need to ask, "Who is being threatened by whom?"
    the answer to this question isn't as obvious as you think.
    To you and me, this may seem simple. A security threat
    is something that threatens me.
    A virus. Spyware. Someone wanting administrative access
    to my computer, to steal my personal info, empty my
    bank account, or whatever.

    But if you are the president of a monopolistic business,
    head of the RIAA, the MPAA, your definition of "threat"
    may seem curiously inverted, at least from my point of view.
    http://www.eff.org/legal/cases/sony_...l_decision.php

    New technologies that allow users to share files unsupervised,
    the ability to inspect and "reverse engineer" software,
    or to write programs that unlock copy protection. These are
    "security threats" from their point of view. Things that I
    do in the privacy of my own home can be viewed as threats to
    their businesses.

    Since it is "intellectual property" that they are trying to protect,
    my discovery of their secrets is a greater threat to computer security
    than some petty virus. To ordinary users, the enemy is the rogue or
    criminal who releases the destructive virus or worm. To authoritarians,
    it is ordinary users who are the threat, not by doing something
    criminally destructive, but by obtaining hidden and forbidden
    knowledge.
    http://www.gnu.org/philosophy/right-to-read.html

    Digital Utopia would be a place where users are only allowed the
    minimum privileges necessary to allow them to do their work. This may seem
    sensible if you are the sysadmin at a nuclear weapons lab,
    http://www.cgisecurity.com/owasp/html/ch04s08.html

    but do you want the internet run that way? Do you want your PC to be managed
    remotely by the regime of Digital Rights Management?

    There is a lot at stake here.

    The internet is still a friendly and cooperative place.
    It is not the wild wild west, in desperate need of a
    gunslinging sheriff to come and impose law and order.
    Security is evolving naturally, and meeting the needs of legitimate
    users. The rogues and outlaws are a small minority.
    If it ain't broke, don't fix it.
    I came in to the world with nothing. I still have most of it.

  2. #2
    PHP/PostgreSQL guy
    Join Date
    Dec 2001
    Posts
    1,164
    Amazing post...very good read.
    We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.

  3. #3
    Member
    Join Date
    Apr 2003
    Posts
    95
    Members of organizations such as the RIAA and MPAA hope to prevent the creation of any copy of digital media -- even those which consumers are legally entitled to make under the doctrine of "fair use" -- by encrypting audio and video until the very instant they reach your speakers and screen.
    Surely it wouldnt be long before someone just plugged a cable from their line out strait into the line in, I mean they cant stop you sharing your home recorded stuff can they?

  4. #4
    Regal Making Handler
    Join Date
    Jun 2002
    Posts
    1,668
    Anyone who wants to protect there digital media using DRM should be executed. For the following reasons:

    It will not stop piracy.
    It will cost them more money than it will return.
    It will prevent customers from using their media in the way the the customer want to.
    It will limit their potentual customer base.
    It will incurrage piracy.
    It will create another monopoly.

    I could go on and on, but i think i'll go to bed now.
    What happens if a big asteroid hits the Earth? Judging from realistic simulations involving a sledge hammer and a common laboratory frog, we can assume it will be pretty bad. - Dave Barry

  5. #5
    Senior Member
    Join Date
    Jul 2002
    Posts
    339
    Support Open Source Software. Support Open License (royalty-free) Music.

    See Creative Commons Attribution-ShareAlike license:
    Human-readable summary
    Lawyer-readable code
    Machine-readable code (example)

    Not only for musicians, it can be also used by photographers & illustrators, writers & bloggers, filmmakers, and educators & scholars. More info: creativecommons.org.

    EFF used to have Open Audio License but now they recommend CC lisence over their license.

    And now, for some real free, royalty-free music: www.open-songs.com.

    Peace always,
    <jdenny>
    Always listen to experts. They\'ll tell you what can\'t be done and why. Then go and do it. -- Robert Heinlein
    I\'m basically a very lazy person who likes to get credit for things other people actually do. -- Linus Torvalds


  6. #6
    Senior Member
    Join Date
    Jan 2002
    Posts
    1,207
    I think we should just look at the logical conclusions of DRM:

    1. DRM allows software vendors to restrict using some technical means, what other software is installed on your machine - how convenient for them (Real, Apple and Microsoft) - they don't need to compete with other media players any more, they can legally, legitimately simply uninstall them or break them.

    2. DRM is installed in the BIOS and OS of the machine, which prevents running unsigned software:
    - Writing open source software is now comparable to making open source weapons - you can do it, but need to obtain masses of expensive licences / permissions from the government

    3. You now need a licence to even OWN a compiler. Yes, that's right. Can't let any normal people own compilers, in case they "accidentally" compile something which violates DRM. The same licence will allow you to run a non-DRM PC (for personal or commercial use only of course, you can't lend it to anyone etc)

    It will be stupid because:

    a. The system will be circumvented as soon as it is invented (Like PS2 and Xbox DRM measures)
    b. Anyone who's bent on creating malicious software, will ignore the rules anyway
    c. It will place a massive financial drain on software companies, getting the relevant government licences to develop software under a DRM world - thus further increasing the likelihood of software companies relocating to non-DRM enforcing countries (i.e. not the US or its allies (i.e. not the UK ) )

    Slarty

  7. #7
    PHP/PostgreSQL guy
    Join Date
    Dec 2001
    Posts
    1,164
    I look at "DRM" as a 'rights' movement that does nothing more than protect (and in the process, divide and separate the competition) any business who wants to make sure they get 100% of their product sent out. Making a machine that's "DRM" compliant? Yeah, I'll never have that. Are they saying we can't build our own PCs anymore? Embedded in the bios and motherboard? Sure, we can break that all day. Same as the OS? Yep, broken. Not feasible financially, but that'll be circumvented by the companies because of the increased price of "production".

    A failed project and all that suffer are the end users.
    We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides