Don't Buy The Open Source DRM Hype
from the useless dept
Back in 2005, we wrote about Sun's doomed plans to offer an "open source DRM" solution. Not surprisingly, that went nowhere fast. Last year, Tim Lee took apart the claims of "Marlin," a supposedly new "open source DRM" solution. As Tim noted, open source and DRM are a contradiction in terms. So, it's not clear why last week some were celebrating the latest version of Marlin. As some pointed out, just because it's open source, doesn't mean that it should be "blessed" by the tech crowd. DRM is about destroying options for what you can do with bits. Open source is about multiplying the options. To mix them together makes no sense.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: drm, marlin, open source
Reader Comments
Subscribe: RSS
View by: Time | Thread
Nooo..
[ link to this | view in chronology ]
Re: Nooo..
[ link to this | view in chronology ]
Re: Re: Nooo..
"Free Software" is about freedom for both users and developers, with the necessity of it also being "Open Source" to comply with that definition.
"Open Source" on it's own is more as Aiwanei stated being about "sharing source code so projects can be designed better..". Granted most "Open Source" software is "Free Software" leading therefore to most of the "Open Source" community to also be part of the "Free Software" community but there are exceptions.
Microsoft, for example, is starting to enter the "Open Source" community (quite possibly for their famous Embrace, Extend, Extinguish approach) but it is doubtful that they would ever produce "Free Software" or be part of that community without a major shift in direction.
[ link to this | view in chronology ]
Piracy is rampant. I get it. I also know companies want to protect their product. I'm a software author and I am very fortunate that in a very niche market so the general public is not going to get my software, or have any real interest in my software. Yes, I DO have a type of PROTECTION in the software that at least informs me of how many times the software has been installed, just like Microsoft has with their Certificate of Authenticity. I allow the company to install the software on *WHATEVER* computer they want to. I understand upgrades. I understand hard drive failures. I understand viruses. I understand bad ram nuking the OS requiring a reload because of registry corruption. DRM doesn't understand ANY of that *ESPECIALLY* when their servers go offline. Hell, I look forward to when Microsoft starts not-validating XP as I've pretty much decided to never purchase Vista or Windows 7. Can't wait for that fireworks display.
Commercial DRM, open source DRM, pay-the-user DRM... DRM is a losing fight. It doesn't make sense. You cannot trust DRM other than you know the server you purchased it from will go down one day.
[ link to this | view in chronology ]
Re: when Microsoft starts not-validating XP
[ link to this | view in chronology ]
Not 1 cent!
[ link to this | view in chronology ]
However, one of the big, unspoken problems about DRM is that is reinforces existing monopolies. Just as you still can't play DVDs and MP3s out of the box on a Red Hat install thanks to patent worries, so Linux in general will have problems breaking into the desktop market while a rival OS maker can lock down the content to its own products. I've heard many people complain that Linux "sucks" because game DRM stops WINE from being able to run the thing or because they can't play their iTunes DRM crap. While everything about Linux is improving at an incredible rate - everything from software installation to hardware support - this is going to be one sticking point that will be impossible to overcome while a competitor holds all the keys.
While I despise DRM, this is why I think that Marlin is an important project. While, in many ways, open source and DRM are incompatible concepts, there can only be positives to having a DRM that's not tied to the platforms that one company deems fit. A DRM that can actually work on any platform, be it Linux, BSD, Windows, an old Amiga that someone found in a cupboard, whatever, would bee great. It could remove both the built-in obsolescence of DRM as well as the muscle it gives to maintaining monopolies.
DRM is the devil's work of course, and the sooner we're rid of it completely the better. Like it or not, Marlin is one backup plan that we need to have in case the idiots in charge of the content don't accept the fact that locking it down is a very bad thing for them and for us.
[ link to this | view in chronology ]
Why contradictory?
We can also have open source encryption tools and it is not at all contradictory with having closed emails and stuff that we encrypt with those tools.
Open source is (and I think it should be) just about source and nothing else - BTW that's why I don't like GPLv3 because I think that it's not reasonable to 'give' someone your code and expect them to 'give' you code AND access to hardware or content or anything else.
[ link to this | view in chronology ]
Open Source DRM, Why Bother?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Open Source DRM
Just because the DRM stack is open source doesn't mean that the DRM will be more easily crackable (take a look at OpenSSL for a good comparison).
Open source is a far too often used term that people apply to a movement, a method of software release, community sourced projects and so on and so on. I think you'll find that many members of many open source communities still protect their data (sometimes, gasp!, with open source operating systems).
Open source is about providing the source of your software allowing others to benefit from the lessons it can teach. It's also many times about allowing others to alter the software for their own purposes. This benefits the community AND the project. Nothing in there precludes protecting the data used by open source applications.
Now a creative commons DRM solution would be wacky, but not an open source DRM solution.
[ link to this | view in chronology ]
DRM will change
Most people wouldn't bother to strip out that kind of DRM, because it doesn't adversely affect them.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Why open source DRM won't work
if (validateSoftware())
{
PermitProgram();
} else
{
exit();
}
To break the DRM all i would have to do is change it to this
PermitProgram();
Basically it will "validate" no matter what you do, and being open source there would be nothing to stop me from substituting their code for mine.
[ link to this | view in chronology ]
Open Source DRM
You are assuming that the data is in a format that can be read (i.e. not encrypted) and if so you are correct. Any DRM system that is worth it's salt (excuse the pun) won't allow this to happen. Part of the validation, (PermitProgram) will result in a key that can be used to decrypt the managed data.
Changing PermitProgram(), or validateSoftware() isn't going to be able to result in a key that makes the data usable any more than existing DRM solutions are crackable.
[ link to this | view in chronology ]
DRM Encryption
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
Incorrect. The core of Mac OS X (Darwin) is open source, and is freely available.
[ link to this | view in chronology ]