Sean DALY wrote:
David, I'm curious, what's your basis for asserting that FLOSS is
incompatible with DRM? Sun's Open Media Commons project is designed to
allow media playback restriction. OpenIPMP
(http://sourceforge.net/projects/openipmp/) is not an active project
AFAIK, but it is Mozilla MPL.
Hoist by my own petard ?
I was aware of some (misguided in my view) attempts at Open Source DRM.
But I am not familiar with the details (I just rolled my eyes skyward).
Open Source and Free Software cannot enter into Non Disclosure
Agreements as the text of the source code must disclose the information
contained in the agreement.
If I can argue by analogy (Always a dangerous thing to do).
DRM is about keeping a secret. Free standing DRM needs to supply the key
within the material supplied therefore, the only security is through
obscurity.
e.g One system uses the file size (in plain view) as the key.
Not knowing that his is the key or how to apply it is how this closed
source system works to keep the secret key secret.
So if in the case of a physical key, I hide a spare beneath the plant
pot, that is security through obscurity.
Placing a plain text note: On the door saying the key is beneath the
plant pot is Open Source (or Free software), for anyone who can read the
text (source code).
Again the key could be in the dog kennel, but the dog is access control,
which is a bit like the key locked inside a trusted module chip. Again
it the the lack of control of the hardware that checks for signed code
(XBOX PS3 etc) the DRM is in embedded in the hardware (even if it is
software) hence the need for a mod chip.
A note on the door saying the key is next door, just transfers the
access control to my neighbor, and this is a tethered application like
the ones that I understand audible use (audio books) etc.
This can consist of a challenge and response etc, so could be open
source as the secret is in the challenge (and required response) on
server under external control.
SUN's DReaM.
http://mako.cc/copyrighteous/20061115-00
"with a tag to trace misuse" - A watermark.
Again enforcement is external to the source code.
Sun's DReaM appears to require dedicated hardware, or am I mistaken.
A purely open software solution to DRM would appear to be impractical,
if Open Source is used and against the principles of free software. The
DRM is in the hardware in Apples iTunes or the XBOX etc.
Lessig and Stallman on Sun's DRM
http://www.theregister.co.uk/2006/04/15/lessig_stallman_drm/
I don't share Prof Lessig's views on DRM.
http://www.theregister.co.uk/2006/03/24/lessig_blesses_drm/
The delay in replying is a product of having to lookup Sun's DRM.
I will address the rest in a separate post.
p.s.
Strong encryption (GnuPG, TrueCrypt) relies on the control of the keys
which have to be supplied with stand alone DRM and just obfuscated,
difficult to do with open source (e.g Java Script Obfuscation).
Public key encryption is strong, key control (in standalone DRM) is weak.
-
Sent via the backstage.bbc.co.uk discussion group. To unsubscribe, please
visit http://backstage.bbc.co.uk/archives/2005/01/mailing_list.html.
Unofficial list archive: http://www.mail-archive.com/backstage@lists.bbc.co.uk/
