Hi, On 2006-03-09 10:37, Hetz Ben Hamo wrote: > Both formats WILL be cracked. It's only a matter of time and stupidity > of those companies. Last time it was because none of the DVD forum > companies had any support for Linux, until "DVD Jon" came with DeCSS > and from there, the rest is history.
Yes, these DRMs schemes will probably eventually be cracked, to some extent, and it's indeed only a matter of resources and luck. Which means that to make DRM systems effective, the DRM vendors just have to raise the bar on required resources and luck sufficiently -- and at this, they are hard at work. I doubt the presently introduced generation of DRM achieves it quite yet, but it would be rather imprudent to take this as an article of faith and expect a modern Prometheus, incarnated as a DVD Jon du jour, to descend the cryptographic Olympus and bring the gift of de-DRM whenever hardship befalls consumers. There are several factors at play here, which render this increasingly unlikely. 1. The DRM standard and vendors are starting to employ more advanced cryptographic algorithms both because they learned their lessons and because performance constraints, previously a major cause of weaknesses, are becoming less of a concern. I've talked to some of the people developing the new DRM schemes, and I can tell you it would be foolish to expect them to be foolish -- do not confuse momentum with blindness! Now, these more advanced algorithms take longer to analyze, and the attack code takes longer to run. If the analogue of DeCSS takes a decade to write, and a month to run per title, would it be useful to consumers? 2. New DRM standard include revocation techniques that give the DRM vendors the ability to cope with partial compromise of their schemes, by effectively "blacklisting" the cracked players and those derived from them. And even when this revocation can be circumvented, it is not trivial: for example, the revocation technique of the HDCP standard was broken by many people (myself included) within hours of the release of its specifications, but the attack requires extracting the secret keys from a few dozen devices -- not a trivial task. Again, this means a much longer delay until working cracking code gets into the hand of consumers. Moreover, if the DRM vendors employed certain well-known cryptographic revocation schemes (at some expense, of course), they could make the revocation component safe from all known cryptanalytic attacks. If any crack in the scheme would be effectively closed in a few days, and the cracks are sufficiently expensive to find, then what are the chances of a typical consumer actually taking advantage of a crack? 3. Some proposed DRM techniques employ physical barriers to cracking in the form of tamper-proof components, either in the player itself or on the motherboard. This raises the barrier, and hence the time frame for crackers. But moreover, coupled with the revocation techniques, it means you may have to carry out complex physical surgery on chips, separately, for each consumer who wishes to de-DRM his content! This is, essentially, already the case for some presently deployed broadcast television DRM schemes. How accessible are these cracks, for the typical consumer? 4. The analog hole is being sewn shut by various industry standard, some emerging and some already deployed, that essentially encrypt the data flow throughout the path from the media to the internals of the LCD/CRT. This means tapping a raw signal and de-DRMing it becomes increasingly difficult, and will soon require special equipment and expert knowledge not available to most consumers and, ultimately, not even to the darknet's data suppliers. 5. Lastly, legislation such as DMCA, and its emerging analogues in Europe and elsewhere, is decreasing the extent and dissemination of pertinent cryptanalytic research. It also firmly and extensively forbids de-DRMing by consumers. Where eagles dwell, our modern Prometheus had better watch out for his liver. To conclude, while perfect DRM is not achievable in principle, effective DRM may very well be achievable in practice, and is plausibly imminent. The cargo cult of "if we need it bad enough then DVD Jon will bestow a crack upon us" is a poor and dangerous model of reality; as the DRM war is drawn to conclusion on the technical and legislative battlefronts, de-DRMing gifts will no longer be dropped upon consumers' feet. Fair use rights will be regained, if ever, only the hard way: through consumer awareness, political lobbying and economical pressure. Eran ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
