Re: Oppose DRM ! Re: CfC: to publish Encrypted Media Extensions specification as a First Public Working Draft (FPWD)

On Fri, Jan 25, 2013 at 6:25 AM, David Singer <singer@apple.com> wrote:
> On Jan 25, 2013, at 14:38 , Andreas Kuckartz <A.Kuckartz@ping.de> wrote:
>> Ian Fette (イアンフェッティ):
>>> Also, why do people insist that drm is incompatible with foss? Yes, today's
>>> implementations are largely security through obscurity but there is nothing
>>> that fundamentally prevents an open source drm stack if one wished to make
>>> the investment. Create a hardware tpm and publish the specs, build some
>>> form of attestation on top of it, etc. Clearly nontrivial but not
>>> fundamentally impossible.
>>
>> I consider it impossible to do that while keeping the software open
>> until the opposite is proven.
>
> There are uses of encrypted media which are compatible with foss.  For example, various people have realized that there are cases where media needs some amount of protection in transit, but not much, if any, protection once it reaches the end system.  DRM systems are typically quite expensive for this, as they include tamper-proofing, and TLS is expensive as it's dynamically applied (it's cheaper to pre-compute the encryption).  My read of the media extensions is that they are quite suitable to this scenario.

I don't understand.  The standard DRM scenario, which we know is the
majority reason for pursuing this spec, is one where encryption is
desired both during protection and at the end point, with the data
decrypted only at the latest possible moment, in the most
inaccessible-to-the-computer's-owner way possible.

Transferring data from Alice to Bob, when Bob's not allowed to know
how to decrypt it, requires Bob's device to have a secret that Bob
doesn't have access to.  Short very exotic protocols that I'm sure
exist somewhere, this means that DRM is incompatible with FOSS, as the
secret must be kept, well, secret from the computer owner.

~TJ

Received on Friday, 25 January 2013 17:58:08 UTC