Fischer 1

Trever Fischer
Ms. Simms
English Composition 111
3 October 2007

The DRM Fiasco

Digital Rights Management (DRM) is a funny thing. It is an incredibly backwards concept that tries to protect media like music or movies against the owner viewing that media, except under certain conditions, and those conditions are meant to be strictly controlled. The most common example of DRM in action would be a DVD. DVDs are encrypted using asymmetric key cryptology. To fully grasp what "asymmetric key cryptology" means, a quick refresher course in cryptology theory is needed.

Cryptology is the practice of keeping secrets. It has been around for quite some time, but in all cases it involves three parties: the sender, the recipient, and the attacker. The sender, whom we will call Alice, needs to tell Bob (the recipient) something. It may or may not be something illegal. Regardless, Carol (the attacker) wants to keep tabs on their communications. So Alice employs some manner of encryption on her message to Bob. To know what Alice sent, Bob needs to know how to get the original message out of the obfuscated text. So Alice uses some pretty simple encryption. She takes every letter in the message and shifts it one to the left. A becomes B, B becomes C, and so on. If Carol gets a hold of Alice's secret message, she can't do anything with it. Unless, of course, she too knows how to unshift the letters. Once Carol figures it out, Alice and Bob's communication doesn't have any security left. For the whole thing to work, there are two secrets that need to be shared between Alice and Bob: how the message was changed (the cipher) and what the actual message is. That's two things Alice and Bob need to keep Carol from coming across.

What if Alice and Bob didn't have to share with each other anything other than the message? What if the cipher itself could be hidden from Carol? She wouldn't have a clue how to decipher the original message. Only Bob would need to know how to decipher it, and only Alice would know how to encrypt it.

This is asymmetric key cryptology in a nutshell. Alice and Bob agree on using some well-known algorithm that, when given a password (technically called a 'key') and some message to work on, gives back either an encrypted or a decrypted message. The reason it is called asymmetric key cryptology is that two different keys are used: one key encrypts the message and the other key decrypts it. Alice creates two keys, one private and one public. The private key is Alice's tightly guarded secret. Only Alice knows what it is. Her public key is given to Bob, who also creates two keys and gives Alice his public key. When Bob's public key is used in the algorithm, the message is encrypted. Only Bob's private key can be used with the algorithm to get back the original message.

Let's say Alice wants to ask Bob about the nuclear missiles she ordered. Remember Carol? She thinks it is kinda important to know if Alice does or does not have tactical nukes. Alice creates the message and uses Bob's public key to encrypt it, which comes out as unreadable gibberish. Bob gets the message and uses his private key to get back the original message. When Carol gets a hold of the unreadable message, she can't do anything. She doesn't have Bob's private key. Using Bob's public key on the message just encrypts the encrypted message again. Using Alice's key encrypts it again, but only Alice can decrypt it.

What does all this have to do with DRM? In DRM the model of Alice, Bob, and Carol is slightly skewed. Alice is the recording company that sold you the movie. You are Bob, because they want you to see the movie. You are also Carol, because they don't want you to use the movie against them by doing something like distributing it on the Internet. To sum things up, DRM makes you both the recipient and the attacker. Now DRM really sounds silly, doesn't it?

Going back to the example of Carol not having Bob's key, what if she got a hold of his private key? Let's assume that Bob built some kind of machine that scans in the encrypted message and prints out the decrypted message. The machine needs Bob's key, so he puts it in there. Late one night, Carol hires some ninjas to steal Bob's machine. Not only does Carol now own Bob's powerful decryption machine, she also has the private key Bob put into the machine.

Every DVD player contains the private key, generated by the movie publisher, that is used to decrypt the DVD. DVD players are pretty much closed systems. That means a nefarious person can't just open one up and read the key off of the chips. Watching a DVD on a computer is a different issue, however. To watch a DVD, you need to run a DVD watching program. This program has the keys built in, which makes it incredibly easy for anyone with the right tools to just search the memory for them. If Carol works for a large organization with whom she shares Bob's key, anyone in that organization can decrypt messages meant for Bob's eyes only. If someone puts the DVD keys on the Internet, anyone on the Internet can decrypt DVDs. Even pirates.

As Cory Doctorow said to the Microsoft Research Group, "DRM systems are broken in minutes, sometimes days. Rarely, months. It's not because the people who think them up are stupid. It's not because the people who break them are smart. It's not because there's a flaw in the algorithms. At the end of the day, all DRM systems share a common vulnerability: they provide their attackers with ciphertext, the cipher and the key. At this point, the secret isn't a secret anymore."

This is true. AACS is a fancy name for a special kind of asymmetric key encryption used in both the new HD DVD and Blu-ray Disc formats. AACS has the ability to 'revoke' a private key from being used in the decoding process, essentially discouraging people from publicly sharing decryption keys obtained from disc players.
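
The story of Bob's stolen machine and the key change on newly printed discs can be run as a small model. This is an added example, not part of the original essay: it uses textbook RSA with tiny constructed primes, the `Player` class and `scenario` function are hypothetical names, and it does not represent how any real disc format or player is implemented.

```python
"""Toy model of the essay's Alice/Bob/Carol story (added example).
Textbook RSA with tiny constructed primes: for illustration, not secure."""
from math import gcd

def make_keypair(p, q, e=17):
    """Return ((e, n), (d, n)): a public and a private key from primes p, q."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    return (e, n), (pow(e, -1, phi), n)

def encrypt(key, text):
    """Encrypt each byte of text separately with the given key."""
    exp, n = key
    return [pow(b, exp, n) for b in text.encode()]

def decrypt(key, blocks):
    """Apply key to each block; return the text, or None if it is gibberish."""
    exp, n = key
    try:
        return bytes(pow(c, exp, n) for c in blocks).decode()
    except ValueError:  # value out of byte range, or not valid UTF-8
        return None

class Player:
    """Bob's machine: the private key is stored inside the device."""
    def __init__(self, private_key):
        self.private_key = private_key

    def play(self, disc):
        return decrypt(self.private_key, disc)

def scenario(movie="The Matrix"):          # constructed sample message
    bob_public, bob_private = make_keypair(61, 53)
    disc = encrypt(bob_public, movie)      # Alice presses the disc
    bobs_player = Player(bob_private)
    stolen_player = bobs_player            # Carol now holds the machine
    new_public, _ = make_keypair(67, 71)   # new discs use a different key
    new_disc = encrypt(new_public, movie)
    return {
        "bob": bobs_player.play(disc),
        "carol_public_only": decrypt(bob_public, disc),
        "carol_with_machine": stolen_player.play(disc),
        "old_key_new_disc": stolen_player.play(new_disc),
    }

if __name__ == "__main__":
    for who, result in scenario().items():
        print(f"{who:20} -> {result!r}")
```

Holding only the public key gets Carol nowhere, but holding the machine is the same as holding the private key; changing the key protects only discs pressed afterwards.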

On April 16th 2007, AACS LA (the entity responsible for keeping the keys secure and in order) revoked the keys of several software players and changed newly printed discs to use a different key. The next day, an Internet user announced he had found the key "09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0", or "09 F9" for short, by looking at a preview disc of The Matrix Trilogy in his software player (Paul). The discs were not set to be released until a week later, but they had already been decrypted less than 24 hours after the notice.

Most people will never encounter the pain of dealing with DRM. For some, however, it really is a pain. DVDs are expensive and fragile. A single scratch can wipe out that $50 disc easily. Protection against expensive damages usually comes in the form of a digital backup. Backing up a DVD usually involves having to copy the DVD's contents to a computer. It is a lot more difficult to scratch a computer's hard disk.

The problem with creating a backup copy of your property is that the media conglomerates responsible for this DRM feel that everyone who wants to copy a DVD is a pirate. Piracy of a video absolutely requires creating a digital copy of the file. If Joe Schmoe wants to create a backup copy of his video, he should be able to. As long as the backup copy isn't going to be sold on the black market or distributed in some other manner that impacts the media corporation's sales, it should be permitted under fair use (Copyright). For any medium other than video or music, fair use covers backup copies. Archiving a digital copy of a newspaper from an important date doesn't infringe on anyone's rights. Archiving a digital copy of a classic movie shouldn't either.

DRM is like a childproof medicine bottle. It inconveniences everyone involved, most of all those who aren't targeted by the protection. Children with their flexible joints can easily push down and twist open a medicine bottle once they figure out how to do it (or at least read the cap). The elderly who are afflicted with arthritis have trouble opening their medication because of their condition, which means they need the medicine to open the medicine! DRM acts much the same way.
It tries to convince people that it is much easier to just plain buy the media than it is to borrow it for free and burn your own copy. The problem is that once a wily hacker out there removes the DRM from something and puts it on the Internet, a user only has to search for it to get it for free (Doctorow). The hacker has removed the inconvenience of getting around the DRM from the end user's shoulders. He doesn't need to concern himself with when and where he is allowed to watch his movie. Downloading the DRM-free version lets things Just Work.

Works Cited

Copyright Law of the United States of America. Chapter 1. U.S. Copyright Office. 2 Oct. 2007.

Paul, Ryan. "Latest AACS revision defeated a week before release." Ars Technica 17 May 2007. 2 Oct. 2007.

Doctorow, Cory. "Pushing the impossible." Guardian Unlimited 4 Sept. 2007. 2 Oct. 2007.

Doctorow, Cory. Address. Microsoft Research Group, Redmond. 17 June 2004.