|
Trend
DRM’s far from perfect
Kumar Dawada examines whether DRM is a digital weapon
fired by large corporates to put a full stop to the free information era or
a content protection technology to finally end piracy of digital content.
“If consumers even know there’s a DRM, what it
is and how it works then we’ve already failed”
—Peter Lee
Disney Executive
Before the advent of the digital age, it was easy for a content
publisher and owner to control the distribution of information. Any and every
form of content, be it music, cinema, books or photographs had to be printed
on paper or recorded on films or magnetic tape. It had to be physically published
and distributed.
 While
these distribution packages could be duplicated, it was complex, expensive and
slow. The quality of the duplicated work was often poor with each successive
copy getting worse. Large-scale duplication was not feasible or profitable.
Technological limitations ensured that the producers of content as well as its
publishers were protected against unauthorised users.
The mass replication age
The computer age led to a digital revolution. Digital media
started gaining preference and popularity over analogue media. Digital content
could be easily produced with superior quality, manipulated and enhanced. Most
of all, it could be reproduced without any loss of content quality.
On top of it, the Internet’s rise made it no longer
necessary to make or sell actual objects such as books, tapes, and CDs. A digital
copy of the file can be sent anywhere instantly using Internet, broadband connectivity
and file-sharing software. As data is no longer associated with a physical object,
it does not deteriorate or perish. However, the best part is quick and free
delivery.
Battle for rights
Media moghuls finally woke up to the digital revolution’s
threats as it hurt them where it affected them the most—their bottomline.
Thus began the media industry’s struggle to censor the free spread of digital
content. These were opposed tooth and nail by the advocates of freedom of information
on the Net. DRM technology was devised by the media industry to regain lost
ground.
DRM stands for Digital Rights Management. It is a general term for the methods
of controlling and protecting digital content including digital audio, video,
images as well as other forms of digital content such as e-books. DRM allows
media owners and publishers to control the use, duplication and distribution
of their digital content.
Evolution of DRM
Many DRM systems have come and gone because they have fallen short of expectations.
Despite spending astronomical amounts on R&D, these have failed to protect
rights of content owners and publishers. Nor have they been able to respect
the rights of the legitimate purchasers of the digital content. In fact, the
only people who benefitted were organised crime syndicates responsible for mass
copying and duplication of digital content for the piracy market.
One of the first DRM technologies to arrive on the scene was the hardware dongle.
It was a separate piece of hardware to be attached to the computer before the
authorised user could use digital content. Later modifications include USB and
smart card devices. Installation and set up of these devices was complex and
it interfered with the proper use of many existing devices. However, cracks
were available to circumvent such hardware. So, software and digital piracy
flourished despite the existence of hardware protection.
A controversial use of DRM was CSS (Content Scrambling System). Though it was
aimed at preventing mass piracy, it ended up victimising the authorised user.
It was implemented by the DVD Forum on movie DVDs. The DVDs were encrypted according
to location that they were sold at. This restricted the use of legitimate purchasers.
The user fraternity came up with software tools like DeCSS, which enabled users
to make quality digital copies of the DVDs. The most glaring flaw of this technology
was the ease by which it was bypassed.
Another DRM technology used is digital watermarking. Each disk or storage media
has a unique ID. The name and address of the purchaser is taken at the point-of-sale
and entered into the database along with the unique ID of the media. Any copy
of the digital content will include the unique ID, which can be viewed by the
publisher and they could catch hold of the purchaser whose product was used
for making the multiple copies.
Sony’s XCP controversy
A British company First 4 Internet developed extended copy protection (XCP)
for Sony BMG (henceforth called only Sony). It was marketed as XCP-Aurora. A
legitimate purchaser of Sony’s CD is prompted to install a program misleadingly
named as Plug-and-play manager which remains active in the user’s computer
even after the Sony CD is played.
|
Given the presence of many global
media players in India, introduction of a new law on DRM is not above
the realm of possibilities
|
Whenever any audio CD was played it intercepted all commands
to the CD drive and gave random noise if any other music media player tried
to access the audio CD. This software also concealed its activity like the rootkit
software used by blackhat hackers to hide tracks of its presence. It did this
by hiding all processes, files and registry keys starting with $sys$ from the
user’s view. The rootkit could be exploited by crackers to hide their files
and processes after they have gained access to a user’s system. This flaw
was specific only to Windows-based systems. Neither the XCP nor the rootkit
had any effect on other operating systems. This was exposed between October
31 and November 7, 2005 by sysinternals.com, vnunet.com and the Boston Globe
which classified the software as spyware.
In response to the negative publicity, Sony released a software utility to remove
the rootkit component from the affected Windows-based computers. But this utility
did not remove the rootkit. All it did was unhide the hidden files installed
by the rootkit. It also installed extra software which could not be removed.
On 16 November, 2005 US-CERT said that XCP used rootkit technology to hide files
from the user and that this technique is a security threat to the users. They
also said the uninstall option provided by Sony made the system more vulnerable.
So on 18 November, 2005 Sony provided a removal tool to actually remove the
rootkit component from any affected Windows-based computers. It also announced
that it had recalled all unsold CDs from retail outlets and will provide the
affected purchasers with new CDs sans the rootkit.
Legal implications
The Digital Millenium Copyright Act was passed in the US. It is now illegal
to bypass a DRM system. Even more controversial DRM regulations are on the cards
including adding copy prevention codes to broadcast HDTV signals.
DRM takes away many basic rights given by copyright laws. For instance, copyright
contents become a part of public intellectual property after the expiry of the
copyright period so anyone can access it freely. But DRM systems do not have
any time limits and there is no method to remove the copy control mechanism
after the copyright period expires. Copyright law does not prevent resale of
a copyrighted work. Copying is legal in exceptional cases like fair use or fair
dealing. But DRM prevents authorised purchasers from exercising these rights.
The states of California, New York and Texas in the US as well as the Italian
government have initiated legal action against Sony BMG and First 4 Internet
for invasion of privacy and unauthorised tempering of user’s computers
during its rootkit controversy.
Cases of DRM abuse are well-known and range from the absurd to the bizarre.
For instance in 2000, Adobe Systems released Lewis Carroll’s Alice in Wonderland
with DRM control. It disabled the text-to-speech feature normally available
in Adobe’s eBook reader. The book was released with a notice that ‘this
book cannot be read aloud’.
| Upcoming DRM |
| HD-DVD uses a DRM technology called
Advanced Access Content System (AACS). It is a robust and renewable method
to protect audio-visual entertainment content including high definition
content based on cryptography.
AACS allows creation of
authorised and secured copies by taking into consideration network functionality
and Internet connectivity. Called ‘Managed copy,’ it allows
the ability to make legal DVD’s content copies which can be put on
hard disk, transferred to a portable player or to home networks. AACS
also has a revocation system that can disable HD-DVD players.
Blu-ray DRM is more sophisticated
than HD-DVD format. It includes BD+ and ROM mark along with AACS. BD+
is a variation of SPDC (self-protecting digital content). It places a
virtual player in the DVD player. If the DVD player is attacked then the
software is renewed on the virtual machine. SPDC allows each disk to have
its own security software to secure its own playback. BD+ gives content
providers a method to respond to attack on security system by allowing
dynamic updates of compromised code.
ROM mark is also unique
to Blu-ray disk. It is designed to combat large-scale mass piracy. The
disk media embeds a unique and undetectable ID, which is invisible to
purchasers. The ROM mark can be duplicated or copied only by using the
equipment that is available to licenced Blu-ray DVD-ROM manufacturers
and it prevents unauthorised copies from being produced.
|
Another example is New York University’s Kraiser Dental School. The dental
textbooks are available only on DVD and students have no choice but to buy DVDs.
Those DVDs are readable only and that too on authorised computers and for a
limited period of time. After that period the DVD expires and all information
in the DVD becomes unavailable. This DVD contains many books that are not available
on paper at all.
India so far does not have a Digital Copyright Act. “Digital content is
covered in the amendments made to the Copyright Act and the aggrieved party
can move civil or criminal court and seek remedy for infringement of copyright.
Combating digital or software piracy is also covered in the Information Technology
Act. However, given the presence of many global media players in India, introduction
of a new law on DRM is not above the realm of possibilities,” says Mumbai
based advocate Sitaram Bhamblani of Bhamblani & Company.
Those in favour of DRM are of the view that DRM concepts, security and cryptography-based
technology are well understood and it is possible to sort out the initial problems
faced by the authorised purchasers of digital content. They also say that if
the creator or authorised distributors of digital content are not given the
power to control distribution and replication of their content, then creativity
will be adversely affected.
Those against it feel that the DRM issue is gone too far and violates the right
to privacy of authorised users and purchasers. It has turned many normal user
activities into illegal acts. DRM component of a software will take control
of user device and restrict its action with scant regard for the user’s
wishes. The user will have no choice, as he will not be able to disable or modify
those restrictions. They also say that giving control of user computers to a
third party (content publisher or creator) may lead to abuse which can go well
beyond enforcement of copyright.
DRM is also being called as the first step towards Internet censorship. It is
a barrier to free market and free information flow. In Europe, DRM schemes are
seen as an abuse of copyrights and are nick named as eSlavery.
What next?
DRM is poised to become the next battleground between the content owners and
publishers on one side and the users on the other. The content owners and publishers
are determined to regain lost ground and make up for the loss of revenue that
is a result of the digital revolution. The box above gives a preview of some
of the schemes being cooked up on this front.
Content biggies are in no mood to give any rights for free and want totalitarian
control over digital content in or out of cyberspace. On the other hand, users
are determined to use content on their own terms. And as it has happened before,
the initiatives will keep shifting from side to side. Only time will decide
who will emerge as the clear winner.
kumard@networkmagazineindia.com
|
