Published by Garey Wilcox. Modified over 8 years ago.
1
The Problem of DRM
An objective look into technological protection measures by their sworn enemy
Mikko Rauhala
Infosoc activist, Machinator Bad Unca******
2
Controversy starts with the name
- DRM originally coined as “Digital Rights Management”
  - Attempted positive connotations; managing “rights”
- Opponents: “Digital Restrictions Management”
  - Arguably more accurate; DRM is specifically designed to restrict users' abilities, with or without their consent
  - Loose translation: “Digitaaliset rajoitusmenetelmät”
3
A brief history of restrictions
- Early analog measures: Macrovision signaled “compliant” video recorders about restrictions
- DVDs introduced digital restrictions (CSS) to true mass media in 1995
  - DVD players also still use Macrovision's ACP
- HD-DVD (RIP) and Blu-ray “improve” on this
- Currently much of internet-distributed (legal) multimedia material is encumbered with DRM
4
Macrovision ACP
- Stands for Analog Copy Prevention
- A copy prevention request in the invisible vertical blanking interval of a video signal
- Consumer device manufacturers pushed into honoring the request, crippling their products
- DVD players generate the signal on the fly
  - Not stored in the video itself as on VHS
5
DVD Content Scrambling System
- Video data encrypted with a 40-bit cipher
  - US encryption export restrictions to thank for this
- Discs contain encrypted keys in the lead-in area
- Licensing used to make manufacturers comply
  - Drives must require authentication from software to even allow access to encrypted blocks
  - Also required to implement anti-consumer measures such as region codes and forced ads
6
CSS descrambled
- In 1999, Jon Johansen et al. published reverse-engineered DeCSS source
- 40 bits within the realm of brute-forceability
  - Further study finds structural flaws: effectively 16-bit
- Proliferation of unrestricted software players... and rippers, of course
- Much legal trouble; more on that later
7
Blu-ray and the late HD-DVD
- The HD movie discs utilize AACS, also recently cracked, though not so severely
  - Retrieving keys for a particular release not trivial yet
- Blu-ray also has additional BD+ restrictions
  - On-disc virtual machine code may be needed to further descramble the disc content.
  - Reverse-engineered by SlySoft in AnyDVD HD
  - VM not public knowledge... yet
8
Multimedia files
- Major players Microsoft and Apple have their own DRM schemes for multimedia files
- Microsoft even has two incompatible ones!
  - Zune is MS-only, PlaysForSure is licensed to others
  - Both are now branded “Certified for Windows Vista” in an apparent attempt to confuse customers
- In conjunction with vendor-provided software, restrict where and when the files play, if you can export to other formats (CD, DVD) etc.
9
eBooks
- Again, several incompatible schemes
  - E.g. Adobe's PDF-based one, Amazon's Kindle
- A giant leap backwards when compared to printed books
  - No lending, no reselling, reading only through “authorized” devices and software...
- A long history with printed books helps the average consumer realize what rights are lost
10
HDCP for video cables
- Many devices require HDCP authentication and encryption before transmitting HD picture
  - Used in HDMI and optionally DVI interfaces
- Broken as designed, next to trivial to crack
  - Method to crack even the entire system's secret keys is well-known, just requires some effort
  - A design limit of 10,000 logic gates to implement
- Why implement a weak scheme at all? Lawsuits!
11
DRM and US law
- DRM gets the force of law in the US in 1998
- DMCA forbids circumventing DRM and disseminating technology to do so
- Distributing DeCSS, for instance, widely challenged
  - Slight leeway for interoperability, but legal ground shaky
- Nowadays the cat being out of the bag is widely acknowledged, so nobody cares anymore at least about free internet redistribution
  - ...except the Finnish public prosecutor, more on that later...
12
DRM and EU law
- Not to be outdone in bowing to corporate interests, the EU follows suit in 2001
- EUCD forces EU member states to enact DMCA-like laws
- Some (little) leeway for allowing private copying; member state laws don't implement it, though
- Generally the directive sets the minimal allowed degree of monopolization, member states are quite allowed to restrict their citizens' actions even more
13
DRM and Finnish law
- Finland implemented the EUCD in 2005
- Lex Karpela was born in spite of massive protests and signs of corruption in the process
- Bans bypassing all DRM, giving distributors a blank check to write their own “copyright law”
- Exception: Circumvention for personal viewing is legal. Providing a service to do so isn't, though.
- Is providing circumvention information publicly (and “in an organized manner”)? I say no, the prosecutor disagrees.
14
Piracy argument dissected
- The traditional fallacy is that DRM prevents “piracy” of mass media products
  - Commercial unauthorized copying: not affected
  - Internet distribution of illegal copies: not affected
  - Private copying – traditionally legal: affected
- Clear aim to sell same material multiple times
- Want to format-shift your store-bought DVD to your portable player or even VHS for your cabin? Illegal.
15
“Need” for DMCA-like laws
- It is claimed (e.g. by Jukka Liedes, the drafter of Lex Karpela) that new business models such as video “rental” over the internet require legal protection for DRM.
- False. Ensuring legal validity of service contracts forbidding the circumvention of the service's DRM would achieve the same (ineffective) end.
- Per-customer watermarks might actually discourage copying, but are cumbersome, so aren't done
16
The real reasons for DMCA et al.
- To control access to a format
  - Apple practically bans interoperability with iTunes
  - MS collects license fees for PlaysForSure, also forbids interoperability with Zune
  - DVD and Blu-ray groups similarly collect licensing fees for their formats and forbid manufacturers from making players too user-friendly
- No need for disputable software patents, just throw in DRM and the format is your monopoly
17
The real reasons for DMCA et al.
- Generate an atmosphere of fear through absurdly overpowered punishments
  - “They broke the law” has a nicer ring to it than “they violated the legalese in our contract”
- Get governments to do some of the dirty work
  - Having public prosecutors do their part in legal action mitigates the PR risk for big media
  - DMCA-like laws drain public prosecutors' resources in a fight against victimless crime
18
The real economic costs
- Artificial barriers to entry lead to lesser competition in the player/viewer market
- Lesser competition leads to artificially high prices, enriching a few monopolists at the society's expense
- Lesser flexibility for the average citizen to enjoy store-bought media
  - “You're in the wrong country to play this disc.”
19
The real legal costs
- Stricter copyright laws enable more spurious and anticompetitive lawsuits
  - These serve to enrich lawyers (many of whom lobby strongly for this sort of legislation for some reason) at the expense of the society at large
- Lead to “design by lawsuit opportunities”
  - Everything must be filled with weak, cheap DRM; not because it does any good, but because you can then sue
  - CSS and HDCP are prime examples of the weak end
20
The real technical costs
- Encryption doesn't come for free, but requires:
  - Hardware. In embedded devices the job is often best done by custom hardware, which costs money.
  - Software. On general purpose computers the job is often best done by software, which costs money. Also inflates CPU requirements, which costs money.
  - Energy. Especially a concern for portable battery-operated devices, but also for the environmentally conscious among us. And it costs money.
21
The Free Speech issue
- Programs are a form of expression
  - Consist of sequences of instructions and/or definitions, (generally) readable by a person familiar with the language
- A restriction on dissemination of source code = A restriction on dissemination of instructions = A restriction on speech
- Unconstitutional? Indeed, even in Finland.
22
Are programs not language?
The beginning of a DeCSS implementation reversibly translated into English:
I will begin by describing a procedure named CSStitlekey1 that uses a player key to decrypt the disk key. The procedure returns no value. (It is of type "void".) The procedure takes two arguments. The first argument is named KEY, and is a pointer to a vector of six unsigned bytes. These bytes initially contain an encrypted disk key. They will eventually hold the decrypted disk key computed by the procedure. The second argument is named im, and is a pointer to a vector of six unsigned bytes. These bytes are the decryption key (the player key) that the procedure will use to decrypt the bytes in the variable named KEY....
23
Questionable vs. legal expression
Quoth Keith Winstein & Marc Horowitz:
To decrypt CSS:
#!/usr/bin/perl s''$/=\2048;while(<>){G=29;R=142;if((@a=unqT="C*",_)[20 ]&48){D=89;_=unqb24,qT,@b=map{ord qB8,unqb8,qT,_^$a[-- D]}@INC;s/...$/1$&/;Q=unqV,qb25,_;H=73;O=$b[4] >8^(P=(E=255)&(Q>>12^Q>>4^Q/8^Q)) >8^(E&(F=(S=O>>14&7^O)^S*8^S >= 8)+=P+(~F&E))for@a[128..$#a]}print+qT,@a}';s/[D-HO- U_]/\$$&/g;s/q/pack+/g;eval
Questionability is a matter of taste, but illegal? We'll see. Has fully legal uses.
To gain a confession CIA and Spanish Inquisition style: Strap subject to an inclined board, head low, legs high Make sure subject can't move Cover face with a towel or cellophane Pour water over face Repeat until broken
Completely legal speech. No legal uses whatsoever.
24
Free but illegal software
- As free software is provided primarily as source code and only incidentally as binaries, it is completely antithetical to DRM
  - If there were restrictions in the code, anyone could take them out and recompile
- Free viewers for DRM'd media are on very shaky legal ground in countries where DMCA et al. reign
- Coincidentally, free software is also the major emerging competitor to established software giants
25
Case Organized discussion
- Idea born in 2005, right after Lex Karpela was approved by the parliament despite protests
- Take the most fascist interpretation of the law, violate it en masse, confess, and see what happens
- Goal: Ascertain if it's legal to communicate freely about circumvention methods in an organized manner, including transmitting circumvention source code
- Out of 39 participants, two were more than a year later prosecuted for offering a circumvention service
26
The Organized discussion lawsuit
- The suit concentrates on my co-conspirator's Haskell implementation of DeCSS
  - Singled out because of its originality? Don't know.
- Requires the key as user input
  - Still helps circumvention if starting from a blank slate
- Implements CSS decryption, not access control
  - Does not even try to authenticate to a DVD drive
  - Only circumvents a viewing restriction!
27
The District court rules
- In the summer of 2007, the District court of Helsinki ruled in our favor
  - Basis: CSS is not “effective”, since there are easy to use programs to circumvent it widely available
  - No comments on freedom of speech arguments
- The victory, while welcome, was partial
- Decision appealed by prosecution
  - Waiting for the appeals court to weigh in
28
The cracks on the road ahead
- Regardless of the appeals court, DVD CSS circumvention software is readily available around the world
- Also HD-DVD and Blu-ray have been cracked, though all of it is not public knowledge
- MS and Apple DRM cracks surface once in a while, but as most material is widely available in other forms, they are largely irrelevant anyway
29
The trusted client problem
- All DRM relies on a trusted client
  - Users need to be able to open the files somehow
  - User has possession of hardware and/or software that incorporates or at least receives the key
- If one user can examine the inner workings sufficiently, the DRM scheme may be broken or at least severely compromised
- Finally, there is the “analog hole”; what can be viewed or heard, can be recorded.
30
Will sanity prevail?
- Competing against zero-cost pirated material with artificially restricted offerings would seem to be a losing strategy in the marketplace
- The mainstream music industry has started to slowly acknowledge this; more and more DRM-free music is starting to be available from legal sources
- eBook firms seem to be hell-bent on repeating old mistakes, but as people are used to books being rather free of restrictions, I doubt they'll prevail
31
The video fight
- No traditions of freedom from restrictions
- While people are annoyed with no-skip ads, region codes et al, there's no critical mass yet
- Available cracking products allow for timely, high-quality pirate releases of new titles
- As internet connection speeds further increase, this competition will also, thereby increasing pressure for companies to behave better – but we'll see
32
The document format fight
- Historically, document format monopolies have been kept mostly through trade secrets
- DRM opens a new avenue for monopolization
- Microsoft's new OOXML format marketed as “open” (debatable, but another subject)
  - What if users were persuaded to save with DRM, even as default? No interoperability for competitors.
- Public education on the subject needed
33
Trusted / Treacherous Computing
- Stands for Trusted Computing Platform
  - Coined also as Treacherous Computing Platform
- The TCP platform ranges from the hardware to the OS, and can restrict many activities
  - Running only signed binaries, curtained memory (also from the OS itself!), secure I/O paths, binding files strongly to specific hard/software combinations, remote attestation...
- Potentially makes cracks difficult, if widely deployed
34
Who can trust your computer
- TCP can be used for good or for evil, depending on who it is that defines trust
- If a media company can trust your computer not to do certain things, your computer is not yours
- If you can trust your computer (or, for sysadmins, your organization's computers) to only run accepted programs and curtail sensitive document access to certain programs, you gain more control
- It's all in the policy and implementation
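Added example, not part of the original slides: a small Python model of the two mechanisms named on the previous slides, measuring a software stack into a hash-chained register and binding ("sealing") data to that measurement. HMAC and a toy keystream stand in for the hardware chip; the device secret, component names and function names are all constructed for illustration. Whoever chooses the `policy_pcr` passed to `seal` is the party that "defines trust".

```python
import hashlib
import hmac

def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM-style extend: new = SHA-256(old || SHA-256(component))."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()

def measure(stack):
    """Fold a boot chain, in load order, into one 32-byte register."""
    pcr = bytes(32)
    for component in stack:
        pcr = extend(pcr, component)
    return pcr

def _keys(device_secret: bytes, pcr: bytes):
    # Keys depend on the chip secret AND the measured software state.
    root = hmac.new(device_secret, pcr, hashlib.sha256).digest()
    return (hmac.new(root, b"enc", hashlib.sha256).digest(),
            hmac.new(root, b"mac", hashlib.sha256).digest())

def _xor_stream(key: bytes, data: bytes) -> bytes:
    # Toy SHA-256 counter-mode keystream, for illustration only.
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(device_secret: bytes, policy_pcr: bytes, data: bytes) -> bytes:
    """Bind data to one device and one measured software stack."""
    enc, mac = _keys(device_secret, policy_pcr)
    ct = _xor_stream(enc, data)
    return ct + hmac.new(mac, ct, hashlib.sha256).digest()

def unseal(device_secret: bytes, current_pcr: bytes, blob: bytes):
    """Return the data, or None if the running stack is not the sealed one."""
    enc, mac = _keys(device_secret, current_pcr)
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac, ct, hashlib.sha256).digest()):
        return None
    return _xor_stream(enc, ct)

# Constructed sample: the secret and component names are made up.
SECRET = b"constructed-device-secret"
APPROVED = [b"firmware-1.0", b"kernel-5.4", b"viewer-2.1"]
PATCHED = [b"firmware-1.0", b"kernel-5.4", b"viewer-2.1-modified"]
BLOB = seal(SECRET, measure(APPROVED), b"content key")

if __name__ == "__main__":
    print(unseal(SECRET, measure(APPROVED), BLOB))
    print(unseal(SECRET, measure(PATCHED), BLOB))
```

The same `seal` call serves either party on the slide: an administrator sealing a document key to an audited stack, or a distributor sealing a content key to a stack the owner may not modify.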
35
Dystopia
- Combining DRM-encumbered document formats and TCP could conceivably destroy the open information society
- If, in practice, to read most media and document files, you would have to have a TCP system with an “approved” OS and application stack, monopolization would reach a record high
- Not too likely, as demand for more openness is on the rise. However,
36
And so it begins
I didn't come here to tell you how this is going to end. I came here to tell you how it's going to begin.