W3C home > Mailing lists > Public > public-html-media@w3.org > February 2013

Re: DRM nonsense

From: Florian Bösch <pyalot@gmail.com>
Date: Tue, 12 Feb 2013 22:29:38 +0100
Message-ID: <CAOK8ODg3rXMxZoQxKpjFKp8fc_915hummwcpMDZ7kEdKodh2_A@mail.gmail.com>
To: Mark Watson <watsonm@netflix.com>
Cc: "<public-html-media@w3.org>" <public-html-media@w3.org>
On Tue, Feb 12, 2013 at 9:51 PM, Mark Watson <watsonm@netflix.com> wrote:

>  Please see my other comment about the different things being protected.
I don't know what weird bizarro world you live in where you think you can
"protect" anything that goes on a users computer. Let me break it to you
the hard way, you can't. End of story. That's it. As soon as you have
anything running on a users computer, the user can do anything to your
"trusted" software whatsoever. This my friend is the world where you
intercept and fake syscalls, disassemble binaries, grab memory from living
ram, instrument foreign binaries, compile your own drivers, compile your
own browser, compile your own kernel and a pleathora of other techniques to
completely root your scheme. What you call "protection" is nothing more
than a slight of hand. It's nothing more than cheap obfuscation. It's not
magic. It's a magic trick. It only works on those who don't know how it
works. And it only takes one who knows, to break it for everybody. You're
talking as if the implementation of that DRM will be the grand masterpiece
of integrity. It's not. It's cheap parlor trick. People 10x or 100x as
intelligent as you or me will read your code and will break in a matter of
minutes, and they put on bittorrent, pastebins and on bitbucket, github and
gists. There is no such as a "secret" once you have thing on a users
computer, none whatsoever. Please stop fooling yourself. And please stop
fooling your clients, because, they don't know any better. They can't even
imagine what I'm talking about. When you go into meeting and tell your
clients "this runtime is secure" you're lying. You're lying out of your
arse. There's no such thing in DRM as secure. None whatsoever. You cannot
protect anything at all. Just stahp. Alright? I'm not as dumb as the
content people you have meetings with.

Received on Tuesday, 12 February 2013 21:30:05 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 15:48:32 UTC