[Linux-aus] Microsoft Office 2003 lock-in via DRM

Stewart Smith stewartsmith at mac.com
Wed Sep 3 11:51:02 UTC 2003 

Les Bell said:
> I've just been having some discussions about this very topic in Another
> Place. The general opinion seems to be that it's not possible to
> implement an open source DRM system; someone quoted me Bruce Schneier:

I'd argue that it's not possible *at all* to implement a DRM system. So,
if I run my Wanky MasterPlayer that only lets me play my purchased music
on the first thursday of every month (after sacrificing the goat) - what's
to stop me getting the Driver Development kit and writing a sound card
driver that just writes the bits back to disk? or bulding hardware that
does this same thing? or hooking up something to the digital output of my
sound card?
Unless they want to go down the route of having MS certify and digitally
sign *every* driver and pour over *every* line of source. Hey, we could
probably just use another exploit in the system to get at the data.
It is possible to do it when all parts are under your control (e.g. only
being able to load signed kernel modules), but becomes difficult (read:
impossible) when we want to deal with data on a system that we don't have
complete control over.
It's all a matter of trust - and it's evident that MS, many music
companies and movie places DO NOT trust their users. If this is the case,
then they shouldn't give any content to anyone they don't trust.
If there is good content, good (and fair and well priced) distribution
methods for content, people *will* use them. One great example is the
success of the Apple online Music store. Minimal DRM (too much for what I
like, but i'm surprised they managed to get away with so little) and lots
of sales.
> "Any system where the device and the secrets within the device are
> under the control of different people has a fundamental security flaw."
> and I tend to believe that what Bruce Schneier says is true.

This is so true it's not funny :)

It's especially interesting what with my work and research into secure
systems such as Walnut (and the problem of how do you back up a secure
system without breaking the security). i'll be happy to rant on that,
asking ppl doing research about their area of research always makes them
feel happy :)

--------
Stewart Smith
stewart at linux.org.au

More information about the linux-aus mailing list