DRM Take II — Digital Personal Property

Diabolus Advocatus writes "Ars Technica has an article on a new form of DRM being considered by the IEEE. It's called Digital Personal Property and although it removes some of the drawbacks of conventional DRM it introduces new drawbacks of its own. From the article: 'Digital personal property (DPP) is an attempt to make consumers treat digital media like physical objects. For instance, you might loan your car to a friend, a family member, or a neighbor. You might do so on many different occasions and for different lengths of time. But you are unlikely to leave the car out front of your house with the keys in it and a sign on it saying, "Take me!" If you did, you might never see the vehicle again. It's that ability to lose control over property that is central to the DPP system. DPP files are encrypted. They can be freely copied and distributed to anyone, but here's the trick: anyone who can view your content can also "steal" it irrevocably. The simple addition of a way to lose content instantly leads consumers to set up a "circle of trust" that can be as wide as they like but will not extend to total strangers on the Internet.'"

dear IEEE

[Anonymous Coward]

Dear IEEE,

No thanks.

Sincerely yours,

      Everybody

Whoops

[Microlith]

The IEEE fails to take into account something rather major here:

First, that sounds like a royal goddamn pain in the ass and I'm a freaking software engineer. There's a reason the iPod has been so popular.

They can be freely copied and distributed to anyone, but here's the trick: anyone who can view your content can also "steal" it irrevocably. The simple addition of a way to lose content instantly leads consumers to set up a "circle of trust" that can be as wide as they like but will not extend to total strangers on the Internet.'"

No it doesn't, it instantly leads to people who quickly and repeatedly lose access to things they pay for, as malicious script kiddies get into their machines that they've added to the latest and greatest botnet, copy the files off, and snag the key. I can see people jacking those keys being as popular as sniffing for world of warcraft accounts.

And it gets even more confusing:

. To access the content inside, however, you'll need the playkey, which is delivered to the buyer of a digital media file and lives within "tamper-protected circuit" inside some device (computer, cell phone, router) or online at a playkey bank account. Controlling the playkey means that you control the media, and you truly own it, since no part of the system needs to phone home, and it imposes no restrictions on copying (except for those that arise naturally from fear of loss).

So this key is moved into a tamper-protected circuit (irrelevant, no?) that is device exclusive. So you stick it in your phone so your music files only work there, or on your desktop and they only work there, or online and it's not even in your hands (but useless if you're not online) and this license can easily be moved around and if taken, fucks you permanently. But also somehow is magically secure enough that I can't just use it to decrypt the files and strip the DRM? And I can't somehow duplicate this key? What about key backups?

As dumb an idea as ever, I suggest the IEEE leave this one to rot in the dustbin, and stop letting the media companies push the tech industry around.

Hacked before they even began

[guruevi]

Since it obviously involves some type of key server to check against there are several ways from the very simple to very sophisticated. There are also several problems with it:

1) If the DRM permits on failure then that would be the simplest way to hack it, just block the server or specific queries to servers. If the DRM disallows on failure then a lot of people would be affected when a DDoS or a firewall/router 'problem' blocks the server somewhere upstream. This can off course be mitigated slightly by only disallowing after a certain time period, but that would require the keys to be stored either locally in the media file or locally in the media player. Both issues are simple to solve.

2) If the DRM uses a very central key server (hosted by the RIAA) that keeps track of all the 'stolen' keys then just distributing and submitting a rainbow table (easily accomplished through a botnet) of keys would be enough. If only few hold access to the key server, then there has to be some type of mechanism that finds and blocks the 'stolen' keys (where stolen is defined according to their dictionary, not the Standard English one, we would say copied to a public place). That mechanism will be very simple to either avoid (like blocking/allowing Google Bots) or mislead. Manually would be too time intensive and thus not work either.

3) If the central keys are held by the media sellers (eg. iTunes, Amazon, Microsoft) then it only takes a media seller to go out of business to have millions of files disappear. Also if the system has to be upgraded it will be very much fun to watch a) all systems synchronize their updates without downtime and b) maintain backwards compatibility. The option to 'hack' it in 2 is still valid especially when said sellers are big enough (Amazon and iTunes come to mind)

As with so many schemes for DRM it will not work and it will piss off the customers usually sooner than later. It will not be implemented and it will not be compatible with millions of devices/users out there. It is dead before it was even started. DRM does not work. It's akin to somebody making a perfect copy of your car (and/or license plate) and then driving off with the copy, you won't care, you won't know and/or you'll get in trouble for the other persons actions while you were the one that legitimately bought the car or applied for the license plate.

Re:It is only DRM+

[ShadowRangerRIT]

It seems to indicate that playkeys would be per file. And the cost to store a key maxes out at about half a KB (for an RSA prime number based system); substantially less if it uses either a private key style encryption system or an elliptic curve based public key system. So for your files, that would be around 2.5 MB at the outside, or as little as 80 KB. If this were implemented, I'd expect a gig or two of flash memory to be included with any hardware based system, which would handle somewhere between 2 million and 62.5 million keys (depending on size of key and size of included memory). Or they maintain a separate file or partition on a hard drive, which has it's own protected key (on the hardware device), thereby eliminating the need for special purpose storage, and removing the cap on the number of files.

I suspect this is as much about resetting DRM to a real standard as it is about DPP. Since DPP would require a DRM-like system, if DPP were accepted, everyone would have a DRM capable system based on community developed standards. This doesn't make it a good idea, but it's not quite as half-assed as you think.

Re:It is only DRM+

[amorsen]

mp3 and other lossy formats have as their whole point removing the kind of information you want to add -- sound that can't be heard. Compression is still a hot research topic with both academic and industry interests. In contrast, steganography is much more obscure. For now, the compression beats steganography.

Slashvertisement to another level

[vivaoporto]

Although it says "IEEE" in the summary, TFA name names:

That's the dream of Paul Sweazey, who's heading up a new study group on "digital personal property" at the IEEE.

A quick Google search brings his Linkedin profile [linkedin.com], along with his current job position:

President
TeleBind, Inc.

(Online Media industry)

February 2009 -- Present (8 months)

That leads us to his company homepage, Telebind Inc. [telebind.com] Not surprisingly, their sole product is "technology and tools to create ownable Digital Property".

This is nothing but a pitiful attempt to pass astroturfing as a peer (or standardization group) reviewed article. And it is more probable that not even he believe on his product, but want to suck a few into his scam, just like the ones who sold the rootkit to Sony.

Re:It is only DRM+

[fuzzyfuzzyfungus]

Depends. If you just want your name on it, no problem, virtually every reasonable media file format has some sort of metadata support. Sometimes it is even good; but even basic ID3v1 is good enough for the purpose.

If, however, you want identification that resists the efforts of hostile agents to remove it, you are pretty much out of luck. Any standard metadata, by virtue of being nice and standard, is trivially strippable. Trying to embed it in the sound itself is either audibly intrusive or inaudible. If it is audibly intrusive, that is obviously unacceptable. If it is inaudible, you run into the fact that the (quite talented) designers of lossy codecs have been honing their skills at removing inaudible data from sound for years. That's the whole point of lossy codecs. Even if there is some watermarking scheme that manages to be one step ahead, you still won't really have a "signature"; because it will only be readable by you. This is good enough for tracing the provenance of leaked copies, or catching tapers; but is useless if you want attribution, rather than forensic evidence.

None of those problems are likely to go away with future development. Metadata standard enough to be readable will always be strippable. Watermarks that are audible will always be intrusive(unless, of course, you are part of the song). Watermarks that are inaudible will always be vulnerable to being cut by lossy compression. Further, any watermarking technology that lets the public at large read watermarks, rather than being used solely for forensics, effectively becomes a clumsy form of standard metadata, and thus strippable. Even cryptographic methods won't work. A cryptographic signature is stops altered versions being distributed as the real thing; but it doesn't stop altered versions, with attribution stripped, from being created. Encryption can make the file useless to anybody; but you still have to let the intended recipient read it, and they can always create a plaintext copy, which brings you back to square one.

It is impossible to have attribution follow the file; but there are ways to demonstrate authorship on demand at any future time. So called "Trusted Timestamping" [wikipedia.org] services are available from a variety of outfits(most of the usual names in SSL certs, among others) and allow you to demonstrate cryptographically that a given file was timestamped by you on a given date and has not been altered since. If you timestamp all your work before it ships, you will clearly have the earliest timestamped copies that exist. This doesn't stop the distribution of stripped copies; but it does allow you to demonstrate that you possessed copies before any distribution occurred, on a particular date.

Re:It is only DRM+

[MoxFulder]

Unfortunately, it's not so easy to do this. When embedding a watermark, there are three fundamental approaches: ...

So it's not an easy problem, and as compression improves, option #2 there will get even harder over time.

That's a good summary. However, I believe digital watermarking has the same fundamental flaw as DRM: the means, expertise, and equipment to create and modify digital files are plentiful in this day and age.

Any idiot can copy a music file to a friend's computer. So DRM attempts to limit that easy copying, but as soon as it's broken, it's broken. Likewise, the bar is not much higher for being able to modify, edit, or sample a music file: audio editing software, MP3 encoders, tagging software, hex editors... all easily-available, easy-to-learn (with guides all over the web), and easy-to-use. So watermarks attempt to add a unique, recognizable, but unintrusive tag to that file, and they run back into the same issue that the underlying data is very easy to manipulate.

Contrast this situation with that of paper money, which often contains watermarks: The bar to "editing" or "copying" money is a lot higher. Sure, you can make a crappy copy of a $20 bill on a printer, but it won't turn out well. The recipes for real currency paper are secret and centralized, so difficult to steal. The physical equipment to print real money is extraordinarily large, immobile, and expensive, and easier to regulate since there are few legitimate, small-scale uses for things like color-changing ink and microprinting. Lastly, there are more, and smarter, serious guys with guns [secretservice.gov] who take a professional interest in counterfeiting than in file-sharing.

In my view, any purely technical means to limit the distribution or modification of digital data is bound to fail. I mean, we've spent decades trying to make digital data easy to copy and modify... and gosh, we've succeeded.

DRM and watermarks both rely on, essentially, an intentional obfuscation of data. But the means to detect (watermarks) or reverse (DRM) that obfuscation must then be widely distributed for them to be useful. Security through obscurity, minus most of the obscurity. Secure cryptosystems like PGP or SSL depend on a very small core of obscurity (a secret key) and construct elaborate safeguards and mechanisms to keep that secret key from ever traversing the network, and from "leaking" its content onto the data in a visible way. And still flaws are sometimes found. DRM takes that secret key and spreads it around all over the place. Lame.

Re:It is only DRM+

[42forty-two42]

Here's how I'd break this:

Buy a copy of the ebook.
Now have a friend buy another copy.

Compare the two copies, zero out (or otherwise remove) any differences. Done.