-
August 22nd, 2004, 05:01 PM
#1
A rant on Digital Rights Management
Mention Digital Rights Management
http://en.wikipedia.org/wiki/Digital_rights_management
and I go bug eyed with paranoia.
Why is it that no one else seems to see it as an all-encompassing
conspiracy to overthrow all that is good in human civilization
and and enslave us to evil brain-eating cockroaches?
Security is a balancing act.
We all know that computer security is a continuum, with bad choices
at either end of the scale, but have we stopped to think about the
fact that this continuum is just a mirror of the same reality we
face when we consider personal or National security?
Tech people can be very inconsistent between their views on tech
subjects and their views on social or political realities, but
these two worlds are really analogies of one another.
You might be a real "computer security nazi", but a libertarian
in "real life". Why?
What is at stake?
Before you can even think intelligently on computer security,
you need to define what it is that you are attempting
to protect. And this is where your political and social
presuppositions
http://mywebpages.comcast.net/webpages54/ap/presup.html
will silently determine the outcome
of your thought processes, before you have even begun.
Nowhere is this more true than in the emotional and polarized
debate over Intellectual Property.
http://www.wipo.int/about-ip/en/
Whose rights?
If I have made the assumption that I rightfully own a piece of
property, all of my strategies for protecting it will flow
from that assumption. If my computer belongs to me, then I insist
on having control over the software it runs, the content displayed
on the screen, who can write to my hard drive. I may delegate
these rights to those I trust, and I may deny it unconditionally
to all others. It is my computer.
http://www.gnu.org/philosophy/free-sw.html
Whose computer is it?
Maybe it really isn't my computer at all. Once upon a time
not so very long ago there were no personal computers. A business
would own a powerful computer with a multi tasking multi user
operating system. They could then connect numerous dumb
terminals to this machine so that people could log on and
work. Since the company owned the computer, it, or its appointed
sysadmin decided what rights could be safely delegated to
users.
http://www.itsecurity.com/dictionary/leastpriv.htm
Users were digital peons, working on the master's
plantation.
The microprocessor revolution.
The availability of cheap microprocessors shattered, at least
temporarily, the digital paradise of centrally controlled
computing. People bought desktop computers and discovered the
joys of learning to write their own software. They were
empowered. They experienced the feeling of ownership,
responsibility, and rights. Bad news for the advocates
of an authoritarian concept of computing.
A gray area
Having one's own computer probably felt pretty good at first,
but people became bored and discontented with the underpowered
early PCs, and no doubt were thrilled when they became
powerful enough to run networking software, and able to connect
to the fast growing internet. But now, going from a free-standing
personal computer to a participating host on a network,
you enter a gray area, a twilight zone between the totally
decentralized, fragmented world of individual PCs, and the
authoritarian world of mainframe and dumb terminal.
http://www.conroe.isd.tenet.edu/poli...u/can_use.html
Rival Computing Models = Rival Security Models
It should be no surprise that people are arguing radically
different philosophies of computer security. Their underlying
philosophies of computing make this inevitable.
The decentralized model of security says that "It's your
computer", therefore security is your own responsibility.
This philosophy favors firewalls, Anti-virus software,
Spam filters, and other user-initiated and user-maintained
measures to mitigate, but never eliminate security threats.
The centralized model advocates comprehensive and
systemic measures, built into the fundamental design
of the net, its protocols, and even the very hardware,
to make security threats impossible.
http://www.extremetech.com/article2/...,264904,00.asp
Cyberspace and Ordinary Space.
If you suspect that I'm about to make an analogy between
the digital world and the "real" world, you are correct.
The very same arguments about security are raging about our
physical security. One group says that conventional
and traditional security measures are adequate. Local law
enforcement is seen as adequate to deal with crime.
Normal and lawfully mobilized armies can defend nations.
Traditional diplomacy. Civil liberties. Constitutional
safeguards.
The other camp, again, wants a radical and comprehensive
solution, a "new world order", some kind of systemic
redesign that will make security threats impossible.
http://www.truthresources.org/a_nwo.htm
Utopia is Hell.
But before we can talk intelligently about security threats,
we need to ask, "Who is being threatened by whom?"
the answer to this question isn't as obvious as you think.
To you and me, this may seem simple. A security threat
is something that threatens me.
A virus. Spyware. Someone wanting administrative access
to my computer, to steal my personal info, empty my
bank account, or whatever.
But if you are the president of a monopolistic business,
head of the RIAA, the MPAA, your definition of "threat"
may seem curiously inverted, at least from my point of view.
http://www.eff.org/legal/cases/sony_...l_decision.php
New technologies that allow users to share files unsupervised,
the ability to inspect and "reverse engineer" software,
or to write programs that unlock copy protection. These are
"security threats" from their point of view. Things that I
do in the privacy of my own home can be viewed as threats to
their businesses.
Since it is "intellectual property" that they are trying to protect,
my discovery of their secrets is a greater threat to computer security
than some petty virus. To ordinary users, the enemy is the rogue or
criminal who releases the destructive virus or worm. To authoritarians,
it is ordinary users who are the threat, not by doing something
criminally destructive, but by obtaining hidden and forbidden
knowledge.
http://www.gnu.org/philosophy/right-to-read.html
Digital Utopia would be a place where users are only allowed the
minimum privileges necessary to allow them to do their work. This may seem
sensible if you are the sysadmin at a nuclear weapons lab,
http://www.cgisecurity.com/owasp/html/ch04s08.html
but do you want the internet run that way? Do you want your PC to be managed
remotely by the regime of Digital Rights Management?
There is a lot at stake here.
The internet is still a friendly and cooperative place.
It is not the wild wild west, in desperate need of a
gunslinging sheriff to come and impose law and order.
Security is evolving naturally, and meeting the needs of legitimate
users. The rogues and outlaws are a small minority.
If it ain't broke, don't fix it.
I came in to the world with nothing. I still have most of it.
-
August 22nd, 2004, 07:40 PM
#2
Amazing post...very good read.
We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.
-
August 22nd, 2004, 10:01 PM
#3
Members of organizations such as the RIAA and MPAA hope to prevent the creation of any copy of digital media -- even those which consumers are legally entitled to make under the doctrine of "fair use" -- by encrypting audio and video until the very instant they reach your speakers and screen.
Surely it wouldnt be long before someone just plugged a cable from their line out strait into the line in, I mean they cant stop you sharing your home recorded stuff can they?
-
August 23rd, 2004, 03:45 AM
#4
Anyone who wants to protect there digital media using DRM should be executed. For the following reasons:
It will not stop piracy.
It will cost them more money than it will return.
It will prevent customers from using their media in the way the the customer want to.
It will limit their potentual customer base.
It will incurrage piracy.
It will create another monopoly.
I could go on and on, but i think i'll go to bed now.
What happens if a big asteroid hits the Earth? Judging from realistic simulations involving a sledge hammer and a common laboratory frog, we can assume it will be pretty bad. - Dave Barry
-
August 23rd, 2004, 09:52 AM
#5
Support Open Source Software. Support Open License (royalty-free) Music.
See Creative Commons Attribution-ShareAlike license:
Human-readable summary
Lawyer-readable code
Machine-readable code (example)
Not only for musicians, it can be also used by photographers & illustrators, writers & bloggers, filmmakers, and educators & scholars. More info: creativecommons.org.
EFF used to have Open Audio License but now they recommend CC lisence over their license.
And now, for some real free, royalty-free music: www.open-songs.com.
Peace always,
<jdenny>
Always listen to experts. They\'ll tell you what can\'t be done and why. Then go and do it. -- Robert Heinlein
I\'m basically a very lazy person who likes to get credit for things other people actually do. -- Linus Torvalds
-
August 23rd, 2004, 09:52 AM
#6
I think we should just look at the logical conclusions of DRM:
1. DRM allows software vendors to restrict using some technical means, what other software is installed on your machine - how convenient for them (Real, Apple and Microsoft) - they don't need to compete with other media players any more, they can legally, legitimately simply uninstall them or break them.
2. DRM is installed in the BIOS and OS of the machine, which prevents running unsigned software:
- Writing open source software is now comparable to making open source weapons - you can do it, but need to obtain masses of expensive licences / permissions from the government
3. You now need a licence to even OWN a compiler. Yes, that's right. Can't let any normal people own compilers, in case they "accidentally" compile something which violates DRM. The same licence will allow you to run a non-DRM PC (for personal or commercial use only of course, you can't lend it to anyone etc)
It will be stupid because:
a. The system will be circumvented as soon as it is invented (Like PS2 and Xbox DRM measures)
b. Anyone who's bent on creating malicious software, will ignore the rules anyway
c. It will place a massive financial drain on software companies, getting the relevant government licences to develop software under a DRM world - thus further increasing the likelihood of software companies relocating to non-DRM enforcing countries (i.e. not the US or its allies (i.e. not the UK ) )
Slarty
-
August 24th, 2004, 12:17 AM
#7
I look at "DRM" as a 'rights' movement that does nothing more than protect (and in the process, divide and separate the competition) any business who wants to make sure they get 100% of their product sent out. Making a machine that's "DRM" compliant? Yeah, I'll never have that. Are they saying we can't build our own PCs anymore? Embedded in the bios and motherboard? Sure, we can break that all day. Same as the OS? Yep, broken. Not feasible financially, but that'll be circumvented by the companies because of the increased price of "production".
A failed project and all that suffer are the end users.
We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|