Don't Buy The Open Source DRM Hype

from the useless dept

Back in 2005, we wrote about Sun's doomed plans to offer an "open source DRM" solution. Not surprisingly, that went nowhere fast. Last year, Tim Lee took apart the claims of "Marlin," a supposedly new "open source DRM" solution. As Tim noted, open source and DRM are a contradiction in terms. So, it's not clear why last week some were celebrating the latest version of Marlin. As some pointed out, just because it's open source, doesn't mean that it should be "blessed" by the tech crowd. DRM is about destroying options for what you can do with bits. Open source is about multiplying the options. To mix them together makes no sense.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: drm, marlin, open source


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Aiwanei, 30 Oct 2008 @ 6:56pm

    Nooo..

    actually DRM is about restricting the use of files that you have obtained either for money or for free. Open Source is about the idea of sharing source code so projects can be designed better, bugs can be found easier and a plethora of other things. Your analogy is just deeply flawed.

    link to this | view in chronology ]

    • identicon
      some old guy, 30 Oct 2008 @ 7:01pm

      Re: Nooo..

      I think you will find that 100% of the open source community disagrees with you there, Awanei.

      link to this | view in chronology ]

      • identicon
        Shaun Wilson, 30 Oct 2008 @ 8:03pm

        Re: Re: Nooo..

        The problem here is the definition of open source - I think we have to note Richard Stallman's objections here.

        "Free Software" is about freedom for both users and developers, with the necessity of it also being "Open Source" to comply with that definition.

        "Open Source" on it's own is more as Aiwanei stated being about "sharing source code so projects can be designed better..". Granted most "Open Source" software is "Free Software" leading therefore to most of the "Open Source" community to also be part of the "Free Software" community but there are exceptions.

        Microsoft, for example, is starting to enter the "Open Source" community (quite possibly for their famous Embrace, Extend, Extinguish approach) but it is doubtful that they would ever produce "Free Software" or be part of that community without a major shift in direction.

        link to this | view in chronology ]

  • identicon
    Stephen, 30 Oct 2008 @ 8:27pm

    DRM is going to die, be it if the companies producing the product have to pay for the software to manage the licenses, be it if the said companies get the DRM management software for free and continue to develop it in-house, or if said companies have to PAY the end user to use the service. When my machine dies due to reload/hard drive failure/upgrade, and after the song/movie/game/whatever dies, why did I put my money into whatever it was I `rented`?

    Piracy is rampant. I get it. I also know companies want to protect their product. I'm a software author and I am very fortunate that in a very niche market so the general public is not going to get my software, or have any real interest in my software. Yes, I DO have a type of PROTECTION in the software that at least informs me of how many times the software has been installed, just like Microsoft has with their Certificate of Authenticity. I allow the company to install the software on *WHATEVER* computer they want to. I understand upgrades. I understand hard drive failures. I understand viruses. I understand bad ram nuking the OS requiring a reload because of registry corruption. DRM doesn't understand ANY of that *ESPECIALLY* when their servers go offline. Hell, I look forward to when Microsoft starts not-validating XP as I've pretty much decided to never purchase Vista or Windows 7. Can't wait for that fireworks display.

    Commercial DRM, open source DRM, pay-the-user DRM... DRM is a losing fight. It doesn't make sense. You cannot trust DRM other than you know the server you purchased it from will go down one day.

    link to this | view in chronology ]

    • identicon
      d0n0vAn, 31 Oct 2008 @ 4:05am

      Re: when Microsoft starts not-validating XP

      Stephen, great comments. I do a lot of experimenting with my desktop at home. I ran XP for years and years while installing versions of BSD and Linux. Needless to say, I have wiped quite a few drives. I guess I've done this enough times that Microsoft will no longer validate my copy of XP Pro. At first I was unhappy, but then I realized that they did me a favor. I've also decided that I don't need Vista or Windows 7.

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 30 Oct 2008 @ 10:09pm

    DRM Digital RENTAL Media

    Not 1 cent!

    link to this | view in chronology ]

  • icon
    PaulT (profile), 31 Oct 2008 @ 4:25am

    Now that DRM is starting to be rejected by the music industry, hopefully this won't matter anyway and other industries will follow suit.

    However, one of the big, unspoken problems about DRM is that is reinforces existing monopolies. Just as you still can't play DVDs and MP3s out of the box on a Red Hat install thanks to patent worries, so Linux in general will have problems breaking into the desktop market while a rival OS maker can lock down the content to its own products. I've heard many people complain that Linux "sucks" because game DRM stops WINE from being able to run the thing or because they can't play their iTunes DRM crap. While everything about Linux is improving at an incredible rate - everything from software installation to hardware support - this is going to be one sticking point that will be impossible to overcome while a competitor holds all the keys.

    While I despise DRM, this is why I think that Marlin is an important project. While, in many ways, open source and DRM are incompatible concepts, there can only be positives to having a DRM that's not tied to the platforms that one company deems fit. A DRM that can actually work on any platform, be it Linux, BSD, Windows, an old Amiga that someone found in a cupboard, whatever, would bee great. It could remove both the built-in obsolescence of DRM as well as the muscle it gives to maintaining monopolies.

    DRM is the devil's work of course, and the sooner we're rid of it completely the better. Like it or not, Marlin is one backup plan that we need to have in case the idiots in charge of the content don't accept the fact that locking it down is a very bad thing for them and for us.

    link to this | view in chronology ]

  • identicon
    Jan, 31 Oct 2008 @ 4:59am

    Why contradictory?

    Why would open source and DRM be a contradiction in terms? Yes, I also hope that DRM is going to die out... but this has nothing to do with open/closed source dichotomy. Open source is about open _source_ and not about open content.

    We can also have open source encryption tools and it is not at all contradictory with having closed emails and stuff that we encrypt with those tools.

    Open source is (and I think it should be) just about source and nothing else - BTW that's why I don't like GPLv3 because I think that it's not reasonable to 'give' someone your code and expect them to 'give' you code AND access to hardware or content or anything else.

    link to this | view in chronology ]

  • identicon
    Chris B, 31 Oct 2008 @ 6:57am

    Open Source DRM, Why Bother?

    We see how fast closed source DRM is cracked. If DRM is open sourced, wouldn't it be that much faster and easier to crack? So what's the point of DRM again?

    link to this | view in chronology ]

  • identicon
    Ima Fish, 31 Oct 2008 @ 7:01am

    I simply do not understand the point of open source DRM. First, because it is open source, the content industry will never trust it and will never adopt it. Second, even if it is widely adopted, it still screws over consumers and will be rejected in the market place.

    link to this | view in chronology ]

  • identicon
    Mike M, 31 Oct 2008 @ 11:26am

    Open Source DRM

    The original article and some of the comments are just way out there. The fact of the matter is that there are several open source technologies used everyday by all sizes of business to control content; DRM is no different.

    Just because the DRM stack is open source doesn't mean that the DRM will be more easily crackable (take a look at OpenSSL for a good comparison).

    Open source is a far too often used term that people apply to a movement, a method of software release, community sourced projects and so on and so on. I think you'll find that many members of many open source communities still protect their data (sometimes, gasp!, with open source operating systems).

    Open source is about providing the source of your software allowing others to benefit from the lessons it can teach. It's also many times about allowing others to alter the software for their own purposes. This benefits the community AND the project. Nothing in there precludes protecting the data used by open source applications.

    Now a creative commons DRM solution would be wacky, but not an open source DRM solution.

    link to this | view in chronology ]

  • identicon
    Dan, 31 Oct 2008 @ 1:13pm

    DRM will change

    Face it. DRM is here to stay. but it will change. Imagine, if you will, instead of restricting how it is used, identification tags buried deep in the code of mp3s, tying that song to a specific person. They could freely distribute if they want, but unless they scrub the IDs, it can be traced back to a specific person as the uploader.

    Most people wouldn't bother to strip out that kind of DRM, because it doesn't adversely affect them.

    link to this | view in chronology ]

  • identicon
    Yolo Pallino, 31 Oct 2008 @ 4:09pm

    If Sun Microsystems is pushing it then you know it is crap. All the good people left that company several years ago and in its place left that idiot CEO.

    link to this | view in chronology ]

  • identicon
    Allen, 31 Oct 2008 @ 8:38pm

    Why open source DRM won't work

    consider this psudo code
    if (validateSoftware())
    {
    PermitProgram();
    } else
    {
    exit();
    }

    To break the DRM all i would have to do is change it to this
    PermitProgram();

    Basically it will "validate" no matter what you do, and being open source there would be nothing to stop me from substituting their code for mine.

    link to this | view in chronology ]

  • identicon
    Mike M, 1 Nov 2008 @ 4:19am

    Open Source DRM

    Allen

    You are assuming that the data is in a format that can be read (i.e. not encrypted) and if so you are correct. Any DRM system that is worth it's salt (excuse the pun) won't allow this to happen. Part of the validation, (PermitProgram) will result in a key that can be used to decrypt the managed data.

    Changing PermitProgram(), or validateSoftware() isn't going to be able to result in a key that makes the data usable any more than existing DRM solutions are crackable.

    link to this | view in chronology ]

  • identicon
    Peter, 1 Nov 2008 @ 11:55am

    DRM Encryption

    I thought the main problem with DRM schemes (open or otherwise) is that the "secret" used to prevent you reading the data straight has to live on you device (or at least be accessible to it). Therefore, the only thing preventing you from decrypting the data and saving it in an unencrypted (non-DRM encumbered) form was a convoluted secret algorithm. If that algorithm is freely available, it should be trivial to hijack it to save plain-text versions of the data. That's why DMCA includes "don't tamper with the DRM": to stop you from doing the obvious.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 2 Nov 2008 @ 7:22pm

    Apple's OS10 is open source, but it's far from free.

    link to this | view in chronology ]

    • identicon
      DanC, 3 Nov 2008 @ 6:48am

      Re:

      Apple's OS10 is open source, but it's far from free.

      Incorrect. The core of Mac OS X (Darwin) is open source, and is freely available.

      link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.