David A. Wheeler's Blog

Sun, 07 Jan 2007

DRM Nonsense, HD DVD, AACS, and BackupHDDVD - why “content protection” doesn’t

Hollywood wants to prevent piracy - and that is understandable. But in their zeal it sometimes appears that some who create movies or music don’t care what privacy, security, legal rights, or laws of physics they try to violate. And that is a real problem. DRM proponents want to release digital information to people, yet make it impossible to copy them. Yet the whole point of digital processing is to enable perfect copies. DRM (Digital Rights Management or Digital Restrictions Management) is truly “defective by design. As others have said, DRM is an attempt to change water so it’s not wet.

The recent reports about HD DVD are showing the folly of DRM in general. HD DVD encrypts a movie, and then encrypts that movie key many different times on the DVD as well - once for each player. The theory here is that the movie industry could then revoke a player key by simply not including that key on future DVDs. I think the first time they try to actually do this, they’ll see the folly of it — it would mean that millions of customers would suddenly no longer have access to future movies through a device they purchased that they expected to work with them. Can anyone say “class action lawsuit”? I knew you could!

But it turns out that this idea has a fatal flaw technically, as shown by BackupHDDVD (you can see the code, comments, NY Times article, and Slashdot discussion). The code itself is no big deal - it just implements the decryption protocol, which is publicly known anyway. But the interesting trick is that the released software requires the master decryption key for that specific movie, and the implementor is claiming that he has found a way to get this key from a player. To be fair, he hasn’t proven he can get such keys by actually sharing any real keys, but let’s presume that he is telling the truth; his described method for getting them is very plausible. Yet the implementor is not revealing the player that he got this from or the exact details of how he got them.

That’s more clever than it first appears. The creators of the DRM scheme assumed that anyone who broke a player would reveal the player’s private key. But because BackupHDDVD’s creator doesn’t reveal that key, he never reveals the player he’s broken into. Since the DRM scheme masters don’t know which player was broken into, their revocation scheme won’t work. Many other revocation schemes for media use the same basic approach, and so they would fall the same way.

Some Blu-ray folks are claiming that this shows their scheme works better, because they can include additional crypto stuff on the media. But this shows that they don’t understand the nature of the problem; it’s not hard to implement the crypto interpreter, and since you wouldn’t know which player to revoke, you would give all the crypto interpreter information away too. They’d just need to send around the decrypted decryptor… which would be trivially acquired. Once again, DRM is doing nothing to stop piracy, but it’s certainly interfering in legitimate use. Sorry, but water stays wet.

I do not approve of piracy. I don’t approve of murder, either, yet I approve of the sale of steak knives and cleaning supplies… and would oppose trying to halt their sales. Certainly the costs to consumers of DRM measures are considerable, yet they are actively against the interests of customers.. and they even fail to do the one thing they are supposed to do. DRM proponents are often laughingly referred to as the MAFIAA (Music And Film Industry Association of America), in part because their actions towards their own customers seem actively hostile. DRM seems to be primarily about preventing people from using in legitimate ways the products they’ve already purchased, and has nothing to do with actually preventing illegal activities. Why can’t I transfer that music or movie I bought to a new device I just bought? Or to an old CD so I can play it on older equipment? Why can’t I watch what I bought using GNU/Linux or BSD systems? Why can’t I use a $3000 display’s full resolution at all times for movies I have legitimately bought? Measures this extreme that create monopolies and inhibit legal activities are not a good thing, and are worse than the piracy that DRM measures are trying to prevent.

What’s worse, the anti-consumer impacts of DRM don’t even inhibit piracy. The big piracy operations will just continue to make direct copies of the bits using specialized equipment, and DRM cannot affect that at all. Individuals can make recordings of the displays or sounds… again, DRM can’t really counteract that (there are anti-sync measures for video, but they are easily foiled). So DRM will fail against individuals, and against large-scale piracy, period. Since DRM tries to prevent many legitimate uses, it also encourages law-abiding citizens to break them… and so far they’ve all fallen, given that additional incentive. The fact that DRM is not even successful at doing what it’s supposed to do is just icing on the cake. Even if DRM worked, it is still worse than the problems it is trying to stop.

DRM is the disease, not the cure. It’s time for content industries to take advantage of technology, instead of trying to halt the use of technology. Instead of DRM, they should sell non-DRMed content using standards that everyone can implement… and then they can sell their content to a very large unified market.

path: /security | Current Weblog | permanent link to this entry