the key difference between SSL and any kind of DRM is the fact that with SSL both parties (the certificate holder and the certificate authority) want to maintain their trust relationship.
with DRM the consumer is also the attacker. the consumer doesn't care if the relationship is maintained or not.
The cost of creation can be very high, the marginal cost can be zero; if you can't make back the cost of creation by selling (a pretty normal idea), where do you make it?
you cut costs. if you can't cut costs, then get out of the business.
If you can't make money, whats the incentive to keep producing?
there are plenty of reasons to make things that have nothing to do with money. if none of those reasons satisfy you, and you are disappointed with the money that you are making, then get out of the business.
One of the most pathetic elements of the modern era is that so many parents try to get the government to do their parenting for them.
except for when they don't. for every parent that wants the world dipped in foam rubber so their kid never has to learn about consequences, there is a parent who wants all textbooks changed to conform to their particular political bias.
and for each of those parents, there are two that just yell "don't tell me how to raise my kid!" whenever some one calls them out on their bad parenting decisions.
It's easy to see that another increment of hardware protection in combination with more robust encryption will in fact, become *unbreakable*. You can assert that it can't be, from history and "logic", but I think that we're within sight of it being true.
encryption is not DRM. DRM is based on a faulty implementation of encryption. DRM treats the intended recipient and the attacker as the same person. once the key is in the hands of the attacker, ALL encryption breaks down.
you can add hardware support, 4096bit keys, retina scans, and satellite thermal imaging, and it won't make a bit of difference because at the end of the day you are locking your precious cargo in a box and handing that box AND THE KEY to the attacker. there is never a happy ending to that story.
Even when easy software solutions for cracking are created, they don't go mainstream.
that's because they don't have to.
the stuff that people download has either been stripped of DRM prior to upload, or it never had it to begin with.
you don't need to know how to remove DRM to get pirated copies, you just need to know how to use google to find things to download.
DRM does NOTHING to stop unauthorized copying and distribution.
in fact, since unauthorized copies are free from the headaches that DRM imposes, DRM actually ENCOURAGES unauthorized copying and distribution.
companies are wasting money on technology that not only fails to stop the copying, it punishes your paying customers, turning some of them against you.
Yeah, it's like hiding a key under the mat so that paying customers can enter, and hoping that no one else bothers to look under the mat.
i liken it to having a the key tethered to the lock on a box. you can use more and more sophisticated locks with more and more elaborate keys, but someone is going to either duplicate the contents of the box after it's opened, or cut the tether on the key and make duplicates.
pretty much all DRM is based on a faulty implementation of symmetric key crypto:
alice wants to send a secret message to bob, so she encrypts the message using a key she and bob share, and since only bob has the other key, only alice and bob can read the clear text. if carol wants to read the message, she needs to some how break the cipher or obtain a key from alice or bob.
with DRM, bob is not just the recipient, he's also the attacker. since alice sent bob a key, in the form of an approved device or player application, all bob has to do get the key out of the device or application.
the reason that crypto works is that both alice and bob don't want their keys to fall into the wrong hands.
the reason that DRM doesn't work is that while alice has a fiduciary interest in controlling the key, bob does not. indeed, bob may be actively trying to leak the key in question.
Now, since we do not actually have products that meet the advertised specs, another player in the market is competition - and that is the only thing that can fix the market at this point.
suing a mobile phone maker or carrier for not delivering what they promised is like handing out speeding tickets at the indy 500.
the market for mobiles *alone* dwarfs all of akihabara in tokyo.
there are no market places like that in the US, which leads me to believe that the difference between american and chinese IP laws might have at least something to do with that.
if such a market were possible in the US (due to a number of factors in addition to IP laws, such as zoning) the american mobile phone market would probably be a lot different.
Even the article author notes that these are poor quality products.
no one is arguing that when compared to a phone that costs ten or twenty times as much these products are inferior. what i am arguing is that in the mobile market in the US, there isn't much room for products that are "good enough", "task specific" or simply economical
i think that this is due to the fact that with staggering licensing and R&D costs, the deck is pretty much stacked against new legitimate entrants to the market.
i was at a verizon store last year and i saw a couple lamenting the availability of simple phones. they didn't want music, texting, or data, they just wanted a basic phone and preferred verizon's network and were disappointed in the selection of no-frills phones. you see people chime in here from time to time with similar concerns and that seems to me to be just one example of the failure of the american mobile market.
i was thinking sort of along those lines in that i would like to see a decoupling of the phone hardware with the mobile service. so in instead of getting a phone with a SIM/ESN chip, i get a collection of mobile and/or fixed network devices that i add my mobile service credentials to.
then i could use a number of different, task or location specific devices to access my mobile service, like a desktop client on computer with a webcam, or a stationary hardware desk phone with a comfortable handset and high quality speakerphone, or a dedicated hands-free car kit that uses a high quality noise canceling mic and the car speakers.
this way, rather than having a separate service and phone number for each thing (VOIP, work phone, mobile phone) or requiring each of those things to connect and talk nicely with my mobile, each device would implement this client in hardware and always be connected. no more worries about leaving my phone somewhere, no more having 5 different phone numbers, and no more worries about battery life on my phone since i will have at least 3 other devices that can receive calls.
if separate devices all using the same credentials is impossible, and a single device is required, then why not make the device super small, like key fob or thumb-drive sized, no-frills, all battery, all antenna, and virtually indestructible? as in no screen or buttons, no interface at all, just a couple of LEDs to indicate service and signal quality. it would be made of high impact plastic or rubber with a water-tight seal on the power/data connector cover. then you could use blue tooth and/or some other combination of wired/wireless technologies (wifi + usb, perhaps?) to connect to various other devices? extra points for a full sized USB plug so i could charge/connect it by plugging it directly into different things.
this way, i can get online and receive calls and other messages from whatever device i happen to be near, be that a computer, a tablet/e-reader, a desk/home phone, or my car, or any combination thereof.
On the post: Denial Of Service Attacks On RIAA & MPAA Are A Really Dumb Idea
Re: Re: Re: amusing
fone phreaks actually predate hackers by a significant margin.
On the post: Intel Confirms HDCP Master Key Is Out
Re: Re: Re:
with DRM the consumer is also the attacker. the consumer doesn't care if the relationship is maintained or not.
On the post: Intel Confirms HDCP Master Key Is Out
Re: The definition of insanity
On the post: Filmmaker Insists That Only People Whose Livelihood Depends On Copyright Really Understand It
Re: Re: Re: Re: Re: Infinite goods?
you cut costs. if you can't cut costs, then get out of the business.
If you can't make money, whats the incentive to keep producing?
there are plenty of reasons to make things that have nothing to do with money. if none of those reasons satisfy you, and you are disappointed with the money that you are making, then get out of the business.
On the post: Police Misunderstand Internet Meme: Warn People About Pedobear
Re: Why don't you...
On the post: Groupon Photographer Caught Pretending Others' Photos Were Her Own... Group Pile On Fixes, Rather Than Copyright Law
Re:
no, anything you do in the interest of preventing theft of copyrighted materials is justifiable, up to and including theft and copyright infringement.
On the post: Anti-Violence Video Game Group Conducts Study Getting Parents To Ask For Anti-Violent Video Game Law
Re: An immodest Proposal
On the post: Anti-Violence Video Game Group Conducts Study Getting Parents To Ask For Anti-Violent Video Game Law
Re:
except for when they don't. for every parent that wants the world dipped in foam rubber so their kid never has to learn about consequences, there is a parent who wants all textbooks changed to conform to their particular political bias.
and for each of those parents, there are two that just yell "don't tell me how to raise my kid!" whenever some one calls them out on their bad parenting decisions.
On the post: How Much We're Missing From The Public Domain
Re: Re: Re: Re:
americans are also ugly, fat, and stupid.
On the post: Why It's Important Not To Call Copyright Infringement Theft
Re:
On the post: HDCP 'Master Key' Found? Another Form Of DRM Drops Dead
Re: As noted above, DRM stops casual thieves.
encryption is not DRM. DRM is based on a faulty implementation of encryption. DRM treats the intended recipient and the attacker as the same person. once the key is in the hands of the attacker, ALL encryption breaks down.
you can add hardware support, 4096bit keys, retina scans, and satellite thermal imaging, and it won't make a bit of difference because at the end of the day you are locking your precious cargo in a box and handing that box AND THE KEY to the attacker. there is never a happy ending to that story.
On the post: HDCP 'Master Key' Found? Another Form Of DRM Drops Dead
Re: Re: Re: Keeps "honest" people "honest"...
no, they don't. rapidshare etc. is just like downloading a file from a website.
if someone is too stupid to figure out how to download a zip file from a website, then they deserve to pay retail for shitty movies.
Yes, that is a growing percentage of the population, but still small compared to the DVD-buying population
that's an idea that is living on borrowed time.
it's never going to be any harder to share files than it is right now, and with every transfer the process gets easier and easier.
On the post: HDCP 'Master Key' Found? Another Form Of DRM Drops Dead
Re: Keeps "honest" people "honest"...
that's because they don't have to.
the stuff that people download has either been stripped of DRM prior to upload, or it never had it to begin with.
you don't need to know how to remove DRM to get pirated copies, you just need to know how to use google to find things to download.
DRM does NOTHING to stop unauthorized copying and distribution.
in fact, since unauthorized copies are free from the headaches that DRM imposes, DRM actually ENCOURAGES unauthorized copying and distribution.
companies are wasting money on technology that not only fails to stop the copying, it punishes your paying customers, turning some of them against you.
On the post: HDCP 'Master Key' Found? Another Form Of DRM Drops Dead
Re: Re: Re:
i liken it to having a the key tethered to the lock on a box. you can use more and more sophisticated locks with more and more elaborate keys, but someone is going to either duplicate the contents of the box after it's opened, or cut the tether on the key and make duplicates.
pretty much all DRM is based on a faulty implementation of symmetric key crypto:
alice wants to send a secret message to bob, so she encrypts the message using a key she and bob share, and since only bob has the other key, only alice and bob can read the clear text. if carol wants to read the message, she needs to some how break the cipher or obtain a key from alice or bob.
with DRM, bob is not just the recipient, he's also the attacker. since alice sent bob a key, in the form of an approved device or player application, all bob has to do get the key out of the device or application.
the reason that crypto works is that both alice and bob don't want their keys to fall into the wrong hands.
the reason that DRM doesn't work is that while alice has a fiduciary interest in controlling the key, bob does not. indeed, bob may be actively trying to leak the key in question.
On the post: Google Sued For Nexus One Suckiness
Re: Re: Market works how?
suing a mobile phone maker or carrier for not delivering what they promised is like handing out speeding tickets at the indy 500.
On the post: Bizarre Indian Anti-Piracy Group Says It Does DoS Attacks On File Sharing Operations
Re: Re: Seems like a short-term business plan
$5000 to have your wife murdered? ILLEGAL
$100 million in no-bid contracts to blackwater? TOTALLY LEGAL
On the post: If There Were No IP Restrictions, What Kind Of Mobile Devices Could You Build?
Re: Re: Re: But can you get ongoing hardware support or software updates?
maybe you don't understand the sheer size of the mobile market in shenzhen:
http://www.bunniestudios.com/blog/?p=287
the market for mobiles *alone* dwarfs all of akihabara in tokyo.
there are no market places like that in the US, which leads me to believe that the difference between american and chinese IP laws might have at least something to do with that.
if such a market were possible in the US (due to a number of factors in addition to IP laws, such as zoning) the american mobile phone market would probably be a lot different.
Even the article author notes that these are poor quality products.
no one is arguing that when compared to a phone that costs ten or twenty times as much these products are inferior. what i am arguing is that in the mobile market in the US, there isn't much room for products that are "good enough", "task specific" or simply economical
i think that this is due to the fact that with staggering licensing and R&D costs, the deck is pretty much stacked against new legitimate entrants to the market.
i was at a verizon store last year and i saw a couple lamenting the availability of simple phones. they didn't want music, texting, or data, they just wanted a basic phone and preferred verizon's network and were disappointed in the selection of no-frills phones. you see people chime in here from time to time with similar concerns and that seems to me to be just one example of the failure of the american mobile market.
On the post: If There Were No IP Restrictions, What Kind Of Mobile Devices Could You Build?
Re:
https://secure.wikimedia.org/wikipedia/en/wiki/Chaos_Computer_Club
the US never really had it.
On the post: If There Were No IP Restrictions, What Kind Of Mobile Devices Could You Build?
Re: Simple is better...
then i could use a number of different, task or location specific devices to access my mobile service, like a desktop client on computer with a webcam, or a stationary hardware desk phone with a comfortable handset and high quality speakerphone, or a dedicated hands-free car kit that uses a high quality noise canceling mic and the car speakers.
this way, rather than having a separate service and phone number for each thing (VOIP, work phone, mobile phone) or requiring each of those things to connect and talk nicely with my mobile, each device would implement this client in hardware and always be connected. no more worries about leaving my phone somewhere, no more having 5 different phone numbers, and no more worries about battery life on my phone since i will have at least 3 other devices that can receive calls.
if separate devices all using the same credentials is impossible, and a single device is required, then why not make the device super small, like key fob or thumb-drive sized, no-frills, all battery, all antenna, and virtually indestructible? as in no screen or buttons, no interface at all, just a couple of LEDs to indicate service and signal quality. it would be made of high impact plastic or rubber with a water-tight seal on the power/data connector cover. then you could use blue tooth and/or some other combination of wired/wireless technologies (wifi + usb, perhaps?) to connect to various other devices? extra points for a full sized USB plug so i could charge/connect it by plugging it directly into different things.
this way, i can get online and receive calls and other messages from whatever device i happen to be near, be that a computer, a tablet/e-reader, a desk/home phone, or my car, or any combination thereof.
On the post: If There Were No IP Restrictions, What Kind Of Mobile Devices Could You Build?
Re: But can you get ongoing hardware support or software updates?
right, like you won't do it anyway when the iphone 5 comes out, boasting 4g and iSomethingNew.
'Artificial rules' or not, building a good product and a reputable company takes a lot more than access to technology.
it also takes a lot more than monopoly control of an idea.
Next >>