[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[dvd-discuss] Cross post of my own work on a DRM committe...



Ironically (or not) I'm involved with the DRM committee for a large
streaming media initiative.  I've been attempting to raise concerns (and
FUD) regarding the viability and liability of being involved in any
DRM.  Here (with deletions) is my latest post to that group... 
Essentially I'm arguing that much (most) of the DRM/TPM efforts are at
best counter-productive.

-- begin quote --

"All views not necessarily held by the author..."

Another in my series of contrarian DRM views.  These are stated with a
minimum of moderation, as the intent is to raise a strong devil's
advocate position to ensure that we act in such a way to maximize the
success and profitability of (particular semiconductor) hardware members
(as well as the other stakeholders) deploying with the results of the
<deleted>
committee.  

The fundamental doctrines of this devil's advocate view are: 

(1) "By cooperating with the media companies to artificially limit the
uses and functions of media player devices, we reduce their value to the
customer, reducing the value of every component supplied to the OEM,
without reducing the cost or complexity of those components to their
respective manufacturers.  Ironically, one can make same case for the
value of the content itself."  

example: The fact I can't (legally) transcode and serve DVD content over
my home LAN means that home LAN, residential gateway, STB, wireless and
the DVD's themselves are worth less to me.  Freedom for "fair use" means
freedom to innovate and create value for the customer. Imagine a device
with hardware for MPEG-2,4 decode, MPEG-N (1,2,4?) encode, 802.11a
networking, and a really big hard disk, DVD/VCD burner (for the laptop
or Minivan based player), serving other MPEG-N and 802.11a equipped STB
devices on the other TV's computers, IA's throughout the house.  

This compelling value for the customer and lots of silicon and software
in the BOM... I'd buy more DVD's, and streaming content if it had that
sort of value and flexibility.  End-to-end restrictions prevent such
devices and schemes

(2) "By attempting to preserve old and impossible business models, we
slow deployment of new technology, and the new inevitable
post-transition quasi-equilibrium business model"  

Example (analogy): requiring buggy whips on autos only delays the
evenevitable shift in the tack industry (to recreation) and slows the
adoption of cars.  Requiring the same margins and pricing for moving
bits as pressing and moving polycarbonate disks ignores that broadband
is not a traditional wholesale/retail market and the fact that supplying
bits doesn't have the same value as supplying fixed media (saves the
time to burn (for audio), saves hard disk space, nice cover art.
portable, whatever)

<deleted> wrote:  

> <deleted and paraphrased>
... a comment on technical preferences on "end-to-end" security
approaches...

Every time I hear the phrase "end-to-end" security I get the following
images in my mind

(1) "the telecine" -- anything that can be seen can be copied
(2) CSS, HDCP, SDMI -- all cracked (to say nothing of
.dll/driver/debugger level image ripping on a PC)
(3) Skylarov in handcuffs giving a telvision interview and the question
"who's next, Alan Cox?"
(4) The drastic reduction in value proposition for every component and
device we the technology companies provide in the media value chain as
the functionality is artificially reduced for the average customer while
doing nothing whatsoever to stop content piracy.

I think we will serve the media and copyright constituencies far better
if we (as an expert group) convince them that nothing, *nothing* we can
do will truly secure content once it arrives at the CPE (customer
premise equipment) -- and that they should focus their business models
on the 'possible' not their fondest 'wishes.'  Effectively this means
they need to get all the money they think a copy is worth (and that the
market will bear) before the content goes out the door -- be that
broadcast, stream, download, or fixed media.  Anything beyond that is a
fantasy.  A market strategy that begins "If end-to-end security were
possible..." is doomed to failure and infamy, just like CSS. If we can
get them past their digital panic attack (which is only a redux of the
VCR panic attack) -- these are good companies run by smart business
people -- they can find a way of profiting from the objective relatities
the new digital world. 

Finally, we are starting to see the market reject these "end-to-end"
schemes, with the websites and mass returns of the Cactus Shield CD's in
Europe (and replacements with clean copies) (see
http://www.theregister.co.uk/content/4/22917.html ) -- best we
mercifully kill the "we can control what is in the hands of the user
(post-first-sale)" myth, and let the industry get on with the business
of finding business models that can be achieved with resorting to
unobtainium and "p-doped bolonium" semiconductors (from a April 1, story
on write-only memory).

The short story:

"There is no security without physical security." 
 (first law of dataproccessing security)
"If 'if's and 'but's were candy and nuts, we'd all have a very, merry
Christmas."  
 (i.e. wishing doesn't make it so) 

In constructive, contrarian tone. (which I'm sure is not popular with
those wanting to sell end-to-end DRM/TPM solutions)

John Zulauf
(in his guise as devil's advocate)

-- end qoute --

comments, critiques?

.002