Microsoft Research DRM Talk

By Cory Doctorow

(This is an excerpt of a talk was originally given to Microsoft’s Research Group and other interested parties from within the company at their Redmond offices on June 17, 2004)

Greetings fellow pirates! Arrrrr!

I’m here today to talk to you about copyright, technology, and DRM. I work for the Electronic Frontier Foundation on copyright stuff (mostly), and I live in London. I’m not a lawyer—I’m a kind of mouthpiece/activist type, though occasionally they shave me and stuff me into my Bar Mitzvah suit and send me to a standards body or the UN to stir up trouble. I spend about three weeks a month on the road doing completely weird stuff like going to Microsoft to talk about DRM.

I lead a double life: I’m also a science fiction writer. That means I’ve got a dog in this fight, because I’ve been dreaming of making my living from writing since I was 12 years old. Admittedly, my IP-based biz isn’t as big as yours, but I guarantee you that it’s every bit as important to me as yours is to you.

Here’s what I’m here to convince you of:

  1. That DRM systems don’t work
  2. That DRM systems are bad for society
  3. That DRM systems are bad for business
  4. That DRM systems are bad for artists
  5. That DRM is a bad business-move for MSFT

It’s a big brief, this talk. Microsoft has sunk a lot of capital into DRM systems, and spent a lot of time sending folks like Martha and Brian and Peter around to various smoke-filled rooms to make sure that Microsoft DRM finds a hospitable home in the future world. Companies like Microsoft steer like old Buicks, and this issue has a lot of forward momentum that will be hard to soak up without driving the engine block back into the driver’s compartment. At best I think that Microsoft might convert some of that momentum on DRM into angular momentum, and in so doing, save all our asses.

Let’s dive into it.

1. DRM systems don’t work

This bit breaks down into two parts:

  1. A quick refresher course in crypto theory
  2. Applying that to DRM

Cryptography—secret writing—is the practice of keeping secrets. It involves three parties: a sender, a receiver, and an attacker (actually, there can be more attackers, senders, and recipients, but let’s keep this simple). We usually call these people Alice, Bob, and Carol.

Let’s say we’re in the days of the Caesar, the Gallic War. You need to send messages back and forth to your generals, and you’d prefer that the enemy doesn’t get hold of them. You can rely on the idea that anyone who intercepts your message is probably illiterate, but that’s a tough bet to stake your empire on. You can put your messages into the hands of reliable messengers who’ll chew them up and swallow them if captured—but that doesn’t help you if Brad Pitt and his men in skirts skewer him with an arrow before he knows what’s hit him.

So you encipher your message with something like ROT-13, where every character is rotated halfway through the alphabet. They used to do this with non-worksafe material on Usenet, back when anyone on Usenet cared about work-safe-ness—A would become N, B is O, C is P, and so forth. To decipher, you just add 13 more, so N goes to A, O to B, yadda yadda.

Well, this is pretty lame: as soon as anyone figures out your algorithm, your secret is g0nez0red.

So if you’re Caesar, you spend a lot of time worrying about keeping the existence of your messengers and their payloads secret. Get that? You’re Augustus and you need to send a message to Brad without Caceous (a word I’m reliably informed means “cheese-like, or pertaining to cheese”) getting his hands on it. You give the message to Diatomaceous, the fleetest runner in the empire, and you encipher it with ROT-13 and send him out of the garrison in the pitchest hour of the night, making sure no one knows you’ve sent it out. Caceous has spies everywhere, in the garrison and staked out on the road, and if one of them puts an arrow through Diatomaceous, they’ll have their hands on the message, and then if they figure out the cipher, you’re b0rked. So the existence of the message is a secret. The cipher is a secret. The ciphertext is a secret. That’s a lot of secrets, and the more secrets you’ve got, the less secure you are, especially if any of those secrets are shared. Shared secrets aren’t really all that secret any longer.

Time passes, stuff happens, and then Tesla invents the radio and Marconi takes credit for it. This is both good news and bad news for crypto: on the one hand, your messages can get to anywhere with a receiver and an antenna, which is great for the brave fifth columnists working behind the enemy lines. On the other hand, anyone with an antenna can listen in on the message, which means that it’s no longer practical to keep the existence of the message a secret. Any time Adolf sends a message to Berlin, he can assume Churchill overhears it.

Which is OK, because now we have computers—big, bulky primitive mechanical computers, but computers still. Computers are machines for rearranging numbers, and so scientists on both sides engage in a fiendish competition to invent the most cleverest method they can for rearranging numerically-represented text so that the other side can’t unscramble it. The existence of the message isn’t a secret anymore, but the cipher is.

But this is still too many secrets. If Bobby intercepts one of Adolf’s Enigma machines, he can give Churchill all kinds of intelligence. I mean, this was good news for Churchill and us, but bad news for Adolf. And at the end of the day, it’s bad news for anyone who wants to keep a secret.

Enter keys: a cipher that uses a key is still more secure. Even if the cipher is disclosed, even if the ciphertext is intercepted, without the key (or a break), the message is secret. Post-war, this is doubly important as we begin to realize what I think of as Schneier’s Law: “any person can invent a security system so clever that she or he can’t think of how to break it.” This means the only experimental methodology for discovering if you’ve made mistakes in your cipher is to tell all the smart people you can about it and ask them to think of ways to break it. Without this critical step, you’ll eventually end up living in a fool’s paradise, where your attacker has broken your cipher ages ago and is quietly decrypting all her intercepts of your messages, snickering at you.

Best of all, there’s only one secret: the key. And with dual-key crypto it becomes a lot easier for Alice and Bob to keep their keys secret from Carol, even if they’ve never met. So long as Alice and Bob can keep their keys secret, they can assume that Carol won’t gain access to their cleartext messages, even though she has access to the cipher and the ciphertext. Conveniently enough, the keys are the shortest and simplest of the secrets, too: hence even easier to keep away from Carol. Hooray for Bob and Alice.

Now, let’s apply this to DRM.

In DRM, the attacker is also the recipient. It’s not Alice and Bob and Carol, it’s just Alice and Bob. Alice sells Bob a DVD. She sells Bob a DVD player. The DVD has a movie on it—say, Pirates of the Caribbean—and it’s enciphered with an algorithm called CSS—Content Scrambling System. The DVD player has a CSS un-scrambler.

Now, let’s take stock of what’s a secret here: the cipher is well-known. The ciphertext is most assuredly in enemy hands, arrr. So what? As long as the key is secret from the attacker, we’re golden.

But there’s the rub. Alice wants Bob to buy Pirates of the Caribbean from her. Bob will only buy Pirates of the Caribbean if he can descramble the CSS-encrypted VOB—video object—on his DVD player. Otherwise, the disc is only useful to Bob as a drinks-coaster. So Alice has to provide Bob—the attacker—with the key, the cipher and the ciphertext.

Hilarity ensues.

DRM systems are usually broken in minutes, sometimes days. Rarely, months. It’s not because the people who think them up are stupid. It’s not because the people who break them are smart. It’s not because there’s a flaw in the algorithms. At the end of the day, all DRM systems share a common vulnerability: they provide their attackers with ciphertext, the cipher, and the key. At this point, the secret isn’t a secret anymore.

2. DRM systems are bad for society

Raise your hand if you’re thinking something like, “But DRM doesn’t have to be proof against smart attackers, only average individuals! It’s like a speedbump!”

Put your hand down.

This is a fallacy for two reasons: one technical, and one social. They’re both bad for society, though.

Here’s the technical reason: I don’t need to be a cracker to break your DRM. I only need to know how to search Google, or Kazaa, or any of the other general-purpose search tools for the cleartext that someone smarter than me has extracted.

Raise your hand if you’re thinking something like, “But NGSCB can solve this problem: we’ll lock the secrets up on the logic board and goop it all up with epoxy.”

Put your hand down.

Raise your hand if you’re a co-author of the Darknet paper.

Everyone in the first group, meet the co-authors of the Darknet paper. This is a paper that says, among other things, that DRM will fail for this very reason. Put your hands down, guys.

Here’s the social reason that DRM fails: keeping an honest user honest is like keeping a tall user tall. DRM vendors tell us their technology is meant to be proof against average users, not organized criminal gangs like the Ukrainian pirates who stamp out millions of high-quality counterfeits. It’s not meant to be proof against sophisticated college kids. It’s not meant to be proof against anyone who knows how to edit her or his registry, or hold down the shift key at the right moment, or use a search engine. At the end of the day, the user DRM is meant to defend against is the most unsophisticated and least capable among us.

Here’s a true story about a user I know who was stopped by DRM. She’s smart, college educated, and knows nothing about electronics. She has three kids. She has a DVD in the living room and an old VHS deck in the kids’ playroom. One day, she brought home the Toy Story DVD for the kids. That’s a substantial investment, and given the generally jam-smeared character of everything the kids get their paws on, she decided to tape the DVD off to VHS and give that to the kids—that way she could make a fresh VHS copy when the first one went south. She cabled her DVD into her VHS and pressed play on the DVD and record on the VCR and waited.

Before I go farther, I want us all to stop a moment and marvel at this. Here is someone who is practically technophobic, but who was able to construct a mental model of sufficient accuracy that she figured out that she could connect her cables in the right order and dub her digital disc off to analog tape. I imagine that everyone in this room is the front-line tech support for someone in her or his family: wouldn’t it be great if all our non-geek friends and relatives were this clever and imaginative?

I also want to point out that this is the proverbial honest user. She’s not making a copy for the next door neighbors. She’s not making a copy and selling it on a blanket on Canal Street. She’s not ripping it to her hard-drive, DivX encoding it, and putting it in her Kazaa sharepoint. She’s doing something honest—moving it from one format to another. She’s home taping.

Except she fails. There’s a DRM system called Macrovision embedded—by law—in every VHS that messes with the vertical blanking interval in the signal and causes any tape made in this fashion to fail. Macrovision can be defeated for about $10 with a gadget readily available on eBay. But our infringer doesn’t know that. She’s “honest.” Technically unsophisticated. Not stupid, mind you—just naive.

The Darknet paper addresses this possibility: it even predicts what this person will do in the long run: she’ll find out about Kazaa and the next time she wants to get a movie for the kids, she’ll download it from the net and burn it for them.

In order to delay that day for as long as possible, our lawmakers and big rightsholder interests have come up with a disastrous policy called anticircumvention.

Here’s how anticircumvention works: if you put a lock—an access control—around a copyrighted work, it is illegal to break that lock. It’s illegal to make a tool that breaks that lock. It’s illegal to tell someone how to make that tool. One court even held it illegal to tell someone where she can find out how to make that tool.

Remember Schneier’s Law? Anyone can come up with a security system so clever that he can’t see its flaws. The only way to find the flaws in security is to disclose the system’s workings and invite public feedback. But now we live in a world where any cipher used to fence off a copyrighted work is off-limits to that kind of feedback. That’s something that a Princeton engineering prof named Ed Felten and his team discovered when he submitted a paper to an academic conference on the failings in the Secure Digital Music Initiative, a watermarking scheme proposed by the recording industry. The RIAA responded by threatening to sue his ass if he tried it. We fought them because Ed is the kind of client that impact litigators love: unimpeachable and clean-cut, and the RIAA folded. Lucky Ed. Maybe the next guy isn’t so lucky.

Matter of fact, the next guy wasn’t. Dmitry Sklyarov is a Russian programmer who gave a talk at a hacker con in Vegas on the failings in Adobe’s e-book locks. The FBI threw him in the slam for 30 days. He copped a plea, went home to Russia, and the Russian equivalent of the State Department issued a blanket warning to its researchers to stay away from American conferences, since we’d apparently turned into the kind of country where certain equations are illegal.

Anticircumvention is a powerful tool for people who want to exclude competitors. If you claim your car engine firmware is a “copyrighted work,” you can sue anyone who makes a tool for interfacing with it. That’s not just bad news for mechanics—think of the hotrodders who want to chip their cars to tweak the performance settings. We have companies like Lexmark claiming that their printer cartridges contain copyrighted works—software that trips an “I am empty” flag when the toner runs out, and have sued a competitor who made a remanufactured cartridge that reset the flag. Even garage-door opener companies have gotten in on the act, claiming that their receivers’ firmware are copyrighted works. Copyrighted cars, print carts, and garage-door openers: what’s next, copyrighted light-fixtures?

Even in the context of legitimate—excuse me, “traditional”—copyrighted works like movies on DVDs, anticircumvention is bad news. Copyright is a delicate balance. It gives creators and their assignees some rights, but it also reserves some rights to the public. For example, an author has no right to prohibit anyone from transcoding his books into assistive formats for the blind. More importantly, though, a creator has a very limited say over what you can do once you lawfully acquire her works. If I buy your book, your painting, or your DVD, it belongs to me. It’s my property. Not my “intellectual property”—a whacky kind of pseudo-property that’s swiss-cheesed with exceptions, easements and limitations—but real, no-fooling, actual tangible property—the kind of thing that courts have been managing through property law for centuries.

But anticirumvention lets rightsholders invent new and exciting copyrights for themselves—to write private laws without accountability or deliberation—that expropriate your interest in your physical property to their favor. Region-coded DVDs are an example of this: there’s no copyright here or in anywhere I know of that says that an author should be able to control where you enjoy her creative works, once you’ve paid for them. I can buy a book and throw it in my bag and take it anywhere from Toronto to Timbuktu, and read it wherever I am: I can even buy books in America and bring them to the UK, where the author may have an exclusive distribution deal with a local publisher who sells them for double the US shelf-price. When I’m done with it, I can sell it on or give it away in the UK. Copyright lawyers call this “First Sale,” but it may be simpler to think of it as “Capitalism.”

The keys to decrypt a DVD are controlled by an org called DVD-CCA, and they have a bunch of licensing requirements for anyone who gets a key from them. Among these is something called region-coding: if you buy a DVD in France, it’ll have a flag set that says, “I am a European DVD.” Bring that DVD to America and your DVD player will compare the flag to its list of permitted regions, and if they don’t match, it will tell you that it’s not allowed to play your disc.

Remember: there is no copyright that says an author gets to do this. When we wrote the copyright statutes and granted authors the right to control display, performance, duplication, derivative works, and so forth, we didn’t leave out “geography” by accident. That was on purpose.

So when your French DVD won’t play in America, that’s not because it’d be illegal to do so: it’s because the studios have invented a business-model and then invented a copyright law to prop it up. The DVD is your property and so is the DVD player, but if you break the region-coding on your disc, you’re going to run afoul of anticircumvention.

That’s what happened to Jon Johansen, a Norwegian teenager who wanted to watch French DVDs on his Norwegian DVD player. He and some pals wrote some code to break the CSS so that he could do so. He’s a wanted man here in America; in Norway the studios put the local fuzz up to bringing him up on charges of unlawfully trespassing upon a computer system. When his defense asked, “Which computer has Jon trespassed upon?” the answer was: “His own.”

His no-fooling, real, and physical property has been expropriated by the weird, notional, metaphorical intellectual property on his DVD: DRM only works if your record player becomes the property of whomever’s records you’re playing.

3. DRM systems are bad for biz

This is the worst of all the ideas embodied by DRM: that people who make record-players should be able to spec whose records you can listen to. Think about all the things that can be plugged into a parallel or serial interface which were never envisioned by their inventors. Our strong economy and rapid innovation are byproducts of the ability of anyone to make anything that plugs into anything else: from the Flo-bee electric razor that snaps onto the end of your vacuum-hose to the octopus spilling out of your car’s dashboard lighter socket, standard interfaces that anyone can build for are what makes billionaires out of nerds.

The courts affirm this again and again. It used to be illegal to plug anything that didn’t come from AT&T into your phone-jack. They claimed this was for the safety of the network, but really it was about propping up this little penny-ante racket that AT&T had in charging you a rental fee for your phone until you’d paid for it a thousand times over.

When that ban was struck down, it created the market for third-party phone equipment, from talking novelty phones to answering machines to cordless handsets to headsets—billions of dollars of economic activity that had been suppressed by the closed interface. Note that AT&T was one of the big beneficiaries of this: they also got into the business of making phone-kits.

DRM is the software equivalent of these closed hardware interfaces. Robert Scoble is a Softie who has an excellent blog, where he wrote an essay about the best way to protect your investment in the digital music you buy. Should you buy Apple iTunes music, or Microsoft DRM music? Scoble argued that Microsoft’s music was a sounder investment, because Microsoft would have more downstream licensees for its proprietary format and therefore you’d have a richer ecosystem of devices to choose from when you were shopping for gizmos to play your virtual records on.

What a weird idea: that we should evaluate our record-purchases on the basis of which recording company will allow the greatest diversity of record-players to play its discs! That’s like telling someone to buy the Betamax instead of the Edison Kinetoscope because Thomas Edison is a crank about licensing his patents; all the while ignoring the world’s relentless march to the more open VHS format.

It’s a bad business. DVD is a format where the guy who makes the records gets to design the record players. Ask yourself: how much innovation has there been over the past decade of DVD players? They’ve gotten cheaper and smaller, but where are the weird and amazing new markets for DVD that were opened up by the VCR? There’s a company that’s manufacturing the world’s first HDD-based DVD jukebox, a thing that holds 100 movies, and they’re charging $27,000 for this thing. We’re talking about a few thousand dollars’ worth of components—all that other cost is the cost of anticompetition.

4.3/5

Need Help?

Comment/Ask an Expert


Related Writing Guides

How to Write a Speech

There can be various areas of life when you are asked to make a speech. It can be a formal occasion, for work, studying, retirement, promotion, etc., or an informal event, like a wedding, an anniversary or the birthday of your friend. If you were assig...

Login

or login with

Register | Lost your password?