So you encipher your message with something like ROT-13, where every character is rotated halfway through the alphabet. They used to do this with non-worksafe material on Usenet, back when anyone on Usenet cared about work-safe-ness -- A would become N, B is O, C is P, and so forth. To decipher, you just add 13 more, so N goes to A, O to B yadda yadda.
Well, this is pretty lame: as soon as anyone figures out your algorithm, your secret is g0nez0red.
So if you're Caesar, you spend a lot of time worrying about keeping the existence of your messengers and their payloads secret. Get that? You're Augustus and you need to send a message to Brad without Caceous (a word I'm reliably informed means "cheese-like, or pertaining to cheese") getting his hands on it. You give the message to Diatomaceous, the fleetest runner in the empire, and you encipher it with ROT-13 and send him out of the garrison in the pitchest hour of the night, making sure no one knows that you've sent it out. Caceous has spies everywhere, in the garrison and staked out on the road, and if one of them puts an arrow through Diatomaceous, they'll have their hands on the message, and then if they figure out the cipher, you're b0rked. So the existence of the message is a secret. The cipher is a secret. The ciphertext is a secret. That's a lot of secrets, and the more secrets you've got, the less secure you are, especially if any of those secrets are shared. Shared secrets aren't really all that secret any longer.
Time passes, stuff happens, and then Tesla invents the radio and Marconi takes credit for it. This is both good news and bad news for crypto: on the one hand, your messages can get to anywhere with a receiver and an antenna, which is great for the brave fifth columnists working behind the enemy lines. On the other hand, anyone with an antenna can listen in on the message, which means that it's no longer practical to keep the existence of the message a secret. Any time Adolf sends a message to Berlin, he can assume Churchill overhears it.
Which is OK, because now we have computers -- big, bulky primitive mechanical computers, but computers still. Computers are machines for rearranging numbers, and so scientists on both sides engage in a fiendish competition to invent the most cleverest method they can for rearranging numerically represented text so that the other side can't unscramble it. The existence of the message isn't a secret anymore, but the cipher is.
But this is still too many secrets. If Bobby intercepts one of Adolf's Enigma machines, he can give Churchill all kinds of intelligence. I mean, this was good news for Churchill and us, but bad news for Adolf. And at the end of the day, it's bad news for anyone who wants to keep a secret.
Enter keys: a cipher that uses a key is still more secure. Even if the cipher is disclosed, even if the ciphertext is intercepted, without the key (or a break), the message is secret. Post-war, this is doubly important as we begin to realize what I think of as Schneier's Law: "any person can invent a security system so clever that she or he can't think of how to break it." This means that the only experimental methodology for discovering if you've made mistakes in your cipher is to tell all the smart people you can about it and ask them to think of ways to break it. Without this critical step, you'll eventually end up living in a fool's paradise, where your attacker has broken your cipher ages ago and is quietly decrypting all her intercepts of your messages, snickering at you.
Best of all, there's only one secret: the key. And with dual-key crypto it becomes a lot easier for Alice and Bob to keep their keys secret from Carol, even if they've never met. So long as Alice and Bob can keep their keys secret, they can assume that Carol won't gain access to their cleartext messages, even though she has access to the cipher and the ciphertext. Conveniently enough, the keys are the shortest and simplest of the secrets, too: hence even easier to keep away from Carol. Hooray for Bob and Alice.
Now, let's apply this to DRM.
In DRM, the attacker is also the recipient. It's not Alice and Bob and Carol, it's just Alice and Bob. Alice sells Bob a DVD. She sells Bob a DVD player. The DVD has a movie on it -- say, Pirates of the Caribbean -- and it's enciphered with an algorithm called CSS -- Content Scrambling System. The DVD player has a CSS un-scrambler.
Now, let's take stock of what's a secret here: the cipher is well-known. The ciphertext is most assuredly in enemy hands, arrr. So what? As long as the key is secret from the attacker, we're golden.
But there's the rub. Alice wants Bob to buy Pirates of the Caribbean from her. Bob will only buy Pirates of the Caribbean if he can descramble the CSS-encrypted VOB -- video object -- on his DVD player. Otherwise, the disc is only useful to Bob as a drinks-coaster. So Alice has to provide Bob -- the attacker -- with the key, the cipher and the ciphertext.
DRM systems are usually broken in minutes, sometimes days. Rarely, months. It's not because the people who think them up are stupid. It's not because the people who break them are smart. It's not because there's a flaw in the algorithms. At the end of the day, all DRM systems share a common vulnerability: they provide their attackers with ciphertext, the cipher and the key. At this point, the secret isn't a secret anymore.
2. DRM systems are bad for society
Raise your hand if you're thinking something like, "But DRM doesn't have to be proof against smart attackers, only average individuals! It's like a speedbump!"
Put your hand down.
This is a fallacy for two reasons: one technical, and one social. They're both bad for society, though.
Here's the technical reason: I don't need to be a cracker to break your DRM. I only need to know how to search Google, or Kazaa, or any of the other general-purpose search tools for the cleartext that someone smarter than me has extracted.
Raise your hand if you're thinking something like, "But NGSCB can solve this problem: we'll lock the secrets up on the logic board and goop it all up with epoxy."
Put your hand down.
Raise your hand if you're a co-author of the Darknet paper.
Everyone in the first group, meet the co-authors of the Darknet paper. This is a paper that says, among other things, that DRM will fail for this very reason. Put your hands down, guys.
Here's the social reason that DRM fails: keeping an honest user honest is like keeping a tall user tall. DRM vendors tell us that their technology is meant to be proof against average users, not organized criminal gangs like the Ukrainian pirates who stamp out millions of high-quality counterfeits. It's not meant to be proof against sophisticated college kids. It's not meant to be proof against anyone who knows how to edit her registry, or hold down the shift key at the right moment, or use a search engine. At the end of the day, the user DRM is meant to defend against is the most unsophisticated and least capable among us.
Here's a true story about a user I know who was stopped by DRM. She's smart, college educated, and knows nothing about electronics. She has three kids. She has a DVD in the living room and an old VHS deck in the kids' playroom. One day, she brought home the Toy Story DVD for the kids. That's a substantial investment, and given the generally jam-smeared character of everything the kids get their paws on, she decided to tape the DVD off to VHS and give that to the kids -- that way she could make a fresh VHS copy when the first one went south. She cabled her DVD into her VHS and pressed play on the DVD and record on the VCR and waited.
Before I go farther, I want us all to stop a moment and marvel at this. Here is someone who is practically technophobic, but who was able to construct a mental model of sufficient accuracy that she figured out that she could connect her cables in the right order and dub her digital disc off to analog tape. I imagine that everyone in this room is the front-line tech support for someone in her or his family: wouldn't it be great if all our non-geek friends and relatives were this clever and imaginative?
I also want to point out that this is the proverbial honest user. She's not making a copy for the next door neighbors. She's not making a copy and selling it on a blanket on Canal Street. She's not ripping it to her hard-drive, DivX encoding it and putting it in her Kazaa sharepoint. She's doing something honest -- moving it from one format to another. She's home taping.
Except she fails. There's a DRM system called Macrovision embedded -- by law -- in every VHS that messes with the vertical blanking interval in the signal and causes any tape made in this fashion to fail. Macrovision can be defeated for about $10 with a gadget readily available on eBay. But our infringer doesn't know that. She's "honest." Technically unsophisticated. Not stupid, mind you -- just naive.
The Darknet paper addresses this possibility: it even predicts what this person will do in the long run: she'll find out about Kazaa and the next time she wants to get a movie for the kids, she'll download it from the net and burn it for them.
In order to delay that day for as long as possible, our lawmakers and big rightsholder interests have come up with a disastrous policy called anticircumvention.
Here's how anticircumvention works: if you put a lock -- an access control -- around a copyrighted work, it is illegal to break that lock. It's illegal to make a tool that breaks that lock. It's illegal to tell someone how to make that tool. One court even held it illegal to tell someone where she can find out how to make that tool.
Remember Schneier's Law? Anyone can come up with a security system so clever that he can't see its flaws. The only way to find the flaws in security is to disclose the system's workings and invite public feedback. But now we live in a world where any cipher used to fence off a copyrighted work is off-limits to that kind of feedback. That's something that a Princeton engineering prof named Ed Felten and his team discovered when he submitted a paper to an academic conference on the failings in the Secure Digital Music Initiative, a watermarking scheme proposed by the recording industry. The RIAA responded by threatening to sue his ass if he tried it. We fought them because Ed is the kind of client that impact litigators love: unimpeachable and clean-cut and the RIAA folded. Lucky Ed. Maybe the next guy isn't so lucky.
Matter of fact, the next guy wasn't. Dmitry Sklyarov is a Russian programmer who gave a talk at a hacker con in Vegas on the failings in Adobe's e-book locks. The FBI threw him in the slam for 30 days. He copped a plea, went home to Russia, and the Russian equivalent of the State Department issued a blanket warning to its researchers to stay away from American conferences, since we'd apparently turned into the kind of country where certain equations are illegal.
Anticircumvention is a powerful tool for people who want to exclude competitors. If you claim that your car engine firmware is a "copyrighted work," you can sue anyone who makes a tool for interfacing with it. That's not just bad news for mechanics -- think of the hotrodders who want to chip their cars to tweak the performance settings. We have companies like Lexmark claiming that their printer cartridges contain copyrighted works -- software that trips an "I am empty" flag when the toner runs out, and have sued a competitor who made a remanufactured cartridge that reset the flag. Even garage-door opener companies have gotten in on the act, claiming that their receivers' firmware are copyrighted works. Copyrighted cars, print carts and garage-door openers: what's next, copyrighted light-fixtures?
Even in the context of legitimate -- excuse me, "traditional" -- copyrighted works like movies on DVDs, anticircumvention is bad news. Copyright is a delicate balance. It gives creators and their assignees some rights, but it also reserves some rights to the public. For example, an author has no right to prohibit anyone from transcoding his books into assistive formats for the blind. More importantly, though, a creator has a very limited say over what you can do once you lawfully acquire her works. If I buy your book, your painting, or your DVD, it belongs to me. It's my property. Not my "intellectual property" -- a whacky kind of pseudo-property that's swiss-cheesed with exceptions, easements and limitations -- but real, no-fooling, actual tangible property -- the kind of thing that courts have been managing through property law for centuries.
But anticirumvention lets rightsholders invent new and exciting copyrights for themselves -- to write private laws without accountability or deliberation -- that expropriate your interest in your physical property to their favor. Region-coded DVDs are an example of this: there's no copyright here or in anywhere I know of that says that an author should be able to control where you enjoy her creative works, once you've paid for them. I can buy a book and throw it in my bag and take it anywhere from Toronto to Timbuktu, and read it wherever I am: I can even buy books in America and bring them to the UK, where the author may have an exclusive distribution deal with a local publisher who sells them for double the US shelf-price. When I'm done with it, I can sell it on or give it away in the UK. Copyright lawyers call this "First Sale," but it may be simpler to think of it as "Capitalism."
The keys to decrypt a DVD are controlled by an org called DVD-CCA, and they have a bunch of licensing requirements for anyone who gets a key from them. Among these is something called region-coding: if you buy a DVD in France, it'll have a flag set that says, "I am a European DVD." Bring that DVD to America and your DVD player will compare the flag to its list of permitted regions, and if they don't match, it will tell you that it's not allowed to play your disc.
Remember: there is no copyright that says that an author gets to do this. When we wrote the copyright statutes and granted authors the right to control display, performance, duplication, derivative works, and so forth, we didn't leave out "geography" by accident. That was on-purpose.
So when your French DVD won't play in America, that's not because it'd be illegal to do so: it's because the studios have invented a business-model and then invented a copyright law to prop it up. The DVD is your property and so is the DVD player, but if you break the region-coding on your disc, you're going to run afoul of anticircumvention.
That's what happened to Jon Johansen, a Norwegian teenager who wanted to watch French DVDs on his Norwegian DVD player. He and some pals wrote some code to break the CSS so that he could do so. He's a wanted man here in America; in Norway the studios put the local fuzz up to bringing him up on charges of unlawfully trespassing upon a computer system. When his defense asked, "Which computer has Jon trespassed upon?" the answer was: "His own."
His no-fooling, real and physical property has been expropriated by the weird, notional, metaphorical intellectual property on his DVD: DRM only works if your record player becomes the property of whomever's records you're playing.
3. DRM systems are bad for biz
This is the worst of all the ideas embodied by DRM: that people who make record-players should be able to spec whose records you can listen to, and that people who make records should have a veto over the design of record-players.
We've never had this principle: in fact, we've always had just the reverse. Think about all the things that can be plugged into a parallel or serial interface, which were never envisioned by their inventors. Our strong economy and rapid innovation are byproducts of the ability of anyone to make anything that plugs into anything else: from the Flo-bee electric razor that snaps onto the end of your vacuum-hose to the octopus spilling out of your car's dashboard lighter socket, standard interfaces that anyone can build for are what makes billionaires out of nerds.
The courts affirm this again and again. It used to be illegal to plug anything that didn't come from AT&T into your phone-jack. They claimed that this was for the safety of the network, but really it was about propping up this little penny-ante racket that AT&T had in charging you a rental fee for your phone until you'd paid for it a thousand times over.
When that ban was struck down, it created the market for third-party phone equipment, from talking novelty phones to answering machines to cordless handsets to headsets -- billions of dollars of economic activity that had been suppressed by the closed interface. Note that AT&T was one of the big beneficiaries of this: they also got into the business of making phone-kit.
DRM is the software equivalent of these closed hardware interfaces. Robert Scoble is a Softie who has an excellent blog, where he wrote an essay about the best way to protect your investment in the digital music you buy. Should you buy Apple iTunes music, or Microsoft DRM music? Scoble argued that Microsoft's music was a sounder investment, because Microsoft would have more downstream licensees for its proprietary format and therefore you'd have a richer ecosystem of devices to choose from when you were shopping for gizmos to play your virtual records on.
What a weird idea: that we should evaluate our record-purchases on the basis of which recording company will allow the greatest diversity of record-players to play its discs! That's like telling someone to buy the Betamax instead of the Edison Kinetoscope because Thomas Edison is a crank about licensing his patents; all the while ignoring the world's relentless march to the more open VHS format.
It's a bad business. DVD is a format where the guy who makes the records gets to design the record players. Ask yourself: how much innovation has there been over the past decade of DVD players? They've gotten cheaper and smaller, but where are the weird and amazing new markets for DVD that were opened up by the VCR? There's a company that's manufacturing the world's first HDD-based DVD jukebox, a thing that holds 100 movies, and they're charging $27,000 for this thing. We're talking about a few thousand dollars' worth of components -- all that other cost is the cost of anticompetition.
4. DRM systems are bad for artists
But what of the artist? The hardworking filmmaker, the ink-stained scribbler, the heroin-cured leathery rock-star? We poor slobs of the creative class are everyone's favorite poster-children here: the RIAA and MPAA hold us up and say, "Won't someone please think of the children?" File-sharers say, "Yeah, we're thinking about the artists, but the labels are The Man, who cares what happens to you?"
To understand what DRM does to artists, you need to understand how copyright and technology interact. Copyright is inherently technological, since the things it addresses -- copying, transmitting, and so on -- are inherently technological.
The piano roll was the first system for cheaply copying music. It was invented at a time when the dominant form of entertainment in America was getting a talented pianist to come into your living room and pound out some tunes while you sang along. The music industry consisted mostly of sheet-music publishers.
The player piano was a digital recording and playback system. Piano-roll companies bought sheet music and ripped the notes printed on it into 0s and 1s on a long roll of computer tape, which they sold by the thousands -- the hundreds of thousands -- the millions. They did this without a penny's compensation to the publishers. They were digital music pirates. Arrrr!
Predictably, the composers and music publishers went nutso. Sousa showed up in Congress to say that:
These talking machines are going to ruin the
artistic development of music in this
country. When I was a boy...in front of every
house in the summer evenings, you would find
young people together singing the songs of
the day or old songs. Today you hear these
infernal machines going night and day. We
will not have a vocal chord left. The vocal
chord will be eliminated by a process of
evolution, as was the tail of man when he
came from the ape.
The publishers asked Congress to ban the piano roll and to create a law that said that any new system for reproducing music should be subject to a veto from their industry association. Lucky for us, Congress realized what side of their bread had butter on it and decided not to criminalize the dominant form of entertainment in America.
But there was the problem of paying artists. The Constitution sets out the purpose of American copyright: to promote the useful arts and sciences. The composers had a credible story that they'd do less composing if they weren't paid for it, so Congress needed a fix. Here's what they came up with: anyone who paid a music publisher two cents would have the right to make one piano roll of any song that publisher published. The publisher couldn't say no, and no one had to hire a lawyer at $200 an hour to argue about whether the payment should be two cents or a nickel.
This compulsory license is still in place today: when Joe Cocker sings "With a Little Help from My Friends," he pays a fixed fee to the Beatles' publisher and away he goes -- even if Ringo hates the idea. If you ever wondered how Sid Vicious talked Anka into letting him get a crack at "My Way," well, now you know.
That compulsory license created a world where a thousand times more money was made by a thousand times more creators who made a thousand times more music that reached a thousand times more people.
This story repeats itself throughout the technological century, every ten or fifteen years. Radio was enabled by a voluntary blanket license -- the music companies got together and asked for a consent decree so that they could offer all their music for a flat fee. Cable TV took a compulsory: the only way cable operators could get their hands on broadcasts was to pirate them and shove them down the wire, and Congress saw fit to legalize this practice rather than screw around with their constituents' TVs.
Sometimes, the courts and Congress decided to simply take away a copyright -- that's what happened with the VCR. When Sony brought out the VCR in 1976, the studios had already decided what the experience of watching a movie in your living room would look like: they'd licensed out their programming for use on a machine called a Discovision, which played big LP-sized discs that were read-only. Proto-DRM.
The copyright scholars of the day didn't give the VCR very good odds. Sony argued that their box allowed for a fair use, which is defined as a use that a court rules is a defense against infringement based on four factors: whether the use transforms the work into something new, like a collage; whether it uses all or some of the work; whether the work is artistic or mainly factual; and whether the use undercuts the creator's business-model.
The Betamax failed on all four fronts: when you time-shifted or duplicated a Hollywood movie off the air, you made a non-transformative use of 100 percent of a creative work in a way that directly undercut the Discovision licensing stream.
Jack Valenti, the mouthpiece for the motion-picture industry, told Congress in 1982 that the VCR was to the American film industry "as the Boston Strangler is to a woman home alone."
But the Supreme Court ruled against Hollywood in 1984, when it determined that any device capable of a substantial non-infringing use was legal. In other words, "We don't buy this Boston Strangler business: if your business model can't survive the emergence of this general-purpose tool, it's time to get another business-model or go broke."