Douglas Crockford

Blog

Books

Videos

2019 Appearances

JavaScript

JSLint

JSON

Github

How JavaScript Works

About

February 2007

The Death of DRM

Last year, Apple narrowly avoided having its iTunes service declared illegal in France. They were not so lucky in Norway where iTunes has been determined to be in violation of law. At issue is the ironically named FairPlay DRM system which is intended to restrict material obtained from iTunes to use on only certain Apple-approved devices. FairPlay is the most successful DRM system in the world, so this action in Norway, which is likely to be replicated in other countries, is of great interest.

Chairman Steve addressed the state of FairPlay in Thoughts on Music. He gave a simple overview of DRM and why it does and doesn't work. He suggested three possible courses of action for Apple:

  1. Stay the course.
  2. License FairPlay to competitors.
  3. Abolish DRMs entirely.

The first option isn't viable because of the legal situation in Europe. The second option isn't viable because it would significantly weaken the robustness of the system, leading inevitably to failure. Ignoring reality as it does, RIAA favors the second option: "Apple's offer to license FairPlay to other technology companies is a welcome breakthrough and would be a real victory for fans, artists and labels."

Steve clearly favors the third option, but that option is not open to him without the approval of the Music Monopoly, the 4 companies that control the licenses of 70 of the world's music. Steve challenged the Europeans to tell The Man (EMI, Sony BMG, Vivendi, Warner) to remove the shackles.

Meanwhile, AACS has been demonstrating why the second option doesn't work. The AACS LA has admitted that muslix64 did in fact make copies of HD-DVD and Blu-Ray disks, but claims that the AACS itself was not broken. AACS is built on strong cryptographic algorithms, and AACS LA says that muslix64 was unable to compromise those algorithms. Which is true. He instead went after the key management aspects of the system in which the crypto engine exchanges keys with the drive. Apparently the device that muslix64 was using allowed him to intercept the keys, which he recovered and posted to the internets.

AACS LA is calling on its licensees to be more careful in following the Compliance and Robustness Rules. The design of AACS is such that its weakest link is outside of the direct control of AACS LA.

So, the company with the most commercially successful DRM system wants to abolish DRM entirely. And the most robust DRM system, which is required by the two leading contenders for the High Definition videodisc, has failed.

DRM was a fantasy developed to help the Media Machine resist the forces of change. A DRM system which prohibited illegal actions while permitting all legal actions would be a welcome thing, but to date no one has proposed a system that can do that. All of the DRM systems prevent some legal actions which is what got the Norwegians agitated. No DRM system can prevent piracy.

I think Steve is right. We should abolish DRM. Apple will embrace this wholeheartedly. So will I.

Seepy Twig

The Copy Protection Technical Working Group's next meeting is 10:00AM-Noon on March 8 at the Sheraton Gateway Hotel at LAX. The meeting is open to the public, except that members of the Press are not welcome. There is a cover charge of $120 which includes a buffet lunch and wifi access.

Since the last meeting, Steve Jobs called for the abolition of DRM, and muslix64 and Arnezami announced successful attacks on AACS, the DRM system in HD-DVD and Blu-Ray. The wheels of DRM are coming off. The promises made by the promoters of DRM technologies are not being kept.

The CPTWG was where a lot of Hollywood's DRM strategy was cooked up and pressed into the consumer electronics industry. So I expect that the next meeting will be an unusually interesting one. I was hoping to attend this historic event, but I have a more important obligation on that day. If you have a couple of hours free, I'd appreciate it if you could attend and then blog about what you heard.