I'd recommend Cory's latest book: "Information doesn't want to be free" where he addresses the problems presented by DRM and other copyright issues. It's a short read but hugely valuable for folks creating digital content. http://www.amazon.com/gp/product/B00R4ZJTMO?btkr=1
The book is recommended (and the print version is surprisingly attractive). It may be somewhat disappointing if you've been following Cory for a while though as the book doesn't really tread any new ground from his previous works, speeches, etc.
That said, he seems to be trying to hit a different audience with this book and his message is communicated simply enough to make an impact. It seems that hitting a broader audience would be a core mission of this "1201" project with the EFF.
I agree, but would put a more positive spin. The book didn't break open for me any new ideas about the topics that Cory's been super eloquent on in the past... but it was marvelous in it's simplicity and encapsulation of concepts. I felt better for reading it, if only because it provides new ways of communicating these arguments to others.
The positive spin is more fair and accurate. I didn't intent to come off so negative. Part of the reason I've kept reading and listening to Cory is because, as you note, he provides new ways of communicating arguments and it was interesting to see him work to direct this at a broad audience at the same time. For example, at the end of a long section talking about the fluidity between the roles of creator, investor, intermediaries, and audiences in the introduction he closes with: "...and some of the most dedicated audiences are made up of creators themselves (which is why authors are usually photographed standing in front of a wall of other people's books.)"
It's not fully represented in this quote, but when you read that closing line it instantaneously becomes obvious how blurry the lines have always been and how silly many of the distinctions truly are. We're talking about something bigger.
DRM isn't inherently bad, it's just that it's most common usage today is in controls that deprive me of my rights. What about scenarios such as if I where to use DRM in the kernels on my systems to restrict the loading of modules that I have not signed?
What if instead of abolishing DRM, we advocated to change the laws to require that any consumer who wishes to control the keys to their own property must be given said keys, because this allows people like my parents and grandmother to relinquish the controls that they aren't interested in to people they trust.
DRM is inherently bad, because there is no such thing as perfect DRM and whenever you construct an argument for DRM you have to add the sort of "it's just that"s you've just written.
If you are given content to play, you should be given it in a 'perfect' format. Anything else is idiocy, because at some point it'll be played in that format anyway.
From considering the demand-side point-of-view only, I would tend to agree. It gives content distributors a false sense of control at the expense of complicating the average customers' lives. ("Penny-wise, pound-foolish" like a neighborhood coffee shop that requires a key to use the restroom and doesn't put out napkins whereas the Starbucks next door making far more money does neither.)
From the supply-side point-of-view (film maker, movie theater, on-demand service), it depends. Artists can choose to release for free like The Beastie Boys are other doing, knowing enough people will still buy the retail package to keep them afloat. But to see your blood, sweat and tears shared without people paying a dime, might be tough. It's further complicated because you don't want to tick off freeloaders that can be converted to customers or whom happen to be major customers in same-brand products/services.
Both taken together, it's becomes a self-selecting, personal choice to vote with one's wallet.
Cory's book is written specifically for the content creators (slash distributors), not the demand side. He handily makes the argument that DRM is an inherently and objectively Bad Thing for them, bar none.
The problem is you're presenting a false choice "Release for free, or release with DRM and get paid". In truth, that's not quite what happens. Instead DRM hurts sales, and lack of DRM helps (or at least doesn't hurt) them... and I'd challenge you to find any time-tested evidence to the contrary.
> Instead DRM hurts sales, and lack of DRM helps (or at least doesn't hurt) them... and I'd challenge you to find any time-tested evidence to the contrary.
The math on this is very straight forward. Very few of the pirates the DRM stops go out and pay instead, but 100% of the customers who don't buy your product because the DRM sucks are actual lost sales. This is basic supply and demand. Offer free chocolate and everyone will be filling up the back of their trucks with it, but charge $1 and you'll be lucky if each person even buys one bar. Even less when it comes out that you've made it hard to eat. Worse, all but the first pirate are getting the DRM-stripped version from the first pirate but all your paying customers are getting the annoying DRM version.
And to add insult to injury, you have to spend money to build and maintain the DRM system -- unless you outsource it to someone like Apple or Amazon, in which case they become a toll collector that sits between you and your customers.
It's like paying someone to chase away your customers.
What DRM system has actually been effective in reducing piracy? I think the more modern usage of DRM is aimed at market segmentation and control, which might also be in the best interest of supply.
However, these DRM systems require the user to use an unknown, "black box" decrypter to keep the content out of their hands. This wouldn't bother me if you could choose to not use the black box (as they are inherently insecure, obviously the decryption key can be extracted and used without the black box), but that is currently illegal. Therefore, I don't consider the current usage of DRM to be ethical.
I would actually be more supportive of DRM if it stood by its own merits - without government backing to try to paper over broken implementations.
DRM can protect your own code as much as it can deny your rights. Repurposing many of these technologies for security, isolation, and verified freedom from malware could be the single largest step in computer security in recent history.
You probably want your code protected so that someone other than you can't modify it at runtime, from an external source... if you understand what I'm getting at.
What you describe is not DRM. The system you describe can be part of a DRM scheme, but verifying signatures itself is not a copy prevention measure.
I'm pretty sure the types of DRM that are being referred to here are the kinds that hide a secret key in a "black box" on the consumer's device, and then sell the consumer content that can only be decrypted by that black box.
I,ll rooting for this initiative. I used to take for granted that I'd own the things I buy. But it seems that every year that goes by I'm having less and less ownership of my possessions.
18 comments
[ 3.0 ms ] story [ 40.3 ms ] threadThat said, he seems to be trying to hit a different audience with this book and his message is communicated simply enough to make an impact. It seems that hitting a broader audience would be a core mission of this "1201" project with the EFF.
It's not fully represented in this quote, but when you read that closing line it instantaneously becomes obvious how blurry the lines have always been and how silly many of the distinctions truly are. We're talking about something bigger.
What if instead of abolishing DRM, we advocated to change the laws to require that any consumer who wishes to control the keys to their own property must be given said keys, because this allows people like my parents and grandmother to relinquish the controls that they aren't interested in to people they trust.
If you are given content to play, you should be given it in a 'perfect' format. Anything else is idiocy, because at some point it'll be played in that format anyway.
From the supply-side point-of-view (film maker, movie theater, on-demand service), it depends. Artists can choose to release for free like The Beastie Boys are other doing, knowing enough people will still buy the retail package to keep them afloat. But to see your blood, sweat and tears shared without people paying a dime, might be tough. It's further complicated because you don't want to tick off freeloaders that can be converted to customers or whom happen to be major customers in same-brand products/services.
Both taken together, it's becomes a self-selecting, personal choice to vote with one's wallet.
The problem is you're presenting a false choice "Release for free, or release with DRM and get paid". In truth, that's not quite what happens. Instead DRM hurts sales, and lack of DRM helps (or at least doesn't hurt) them... and I'd challenge you to find any time-tested evidence to the contrary.
The math on this is very straight forward. Very few of the pirates the DRM stops go out and pay instead, but 100% of the customers who don't buy your product because the DRM sucks are actual lost sales. This is basic supply and demand. Offer free chocolate and everyone will be filling up the back of their trucks with it, but charge $1 and you'll be lucky if each person even buys one bar. Even less when it comes out that you've made it hard to eat. Worse, all but the first pirate are getting the DRM-stripped version from the first pirate but all your paying customers are getting the annoying DRM version.
And to add insult to injury, you have to spend money to build and maintain the DRM system -- unless you outsource it to someone like Apple or Amazon, in which case they become a toll collector that sits between you and your customers.
It's like paying someone to chase away your customers.
However, these DRM systems require the user to use an unknown, "black box" decrypter to keep the content out of their hands. This wouldn't bother me if you could choose to not use the black box (as they are inherently insecure, obviously the decryption key can be extracted and used without the black box), but that is currently illegal. Therefore, I don't consider the current usage of DRM to be ethical.
I would actually be more supportive of DRM if it stood by its own merits - without government backing to try to paper over broken implementations.
I don't know from what viewpoint you're constructing this fantasy about computer security and DRM.
Open source servers won. They will continue to win. Open source software is also about as far away from DRM as it is possible to be.
Are you suggesting we create closed-source operating systems and servers? That those would somehow be more secure?
Besides, why would you think I want my code protected? I'm not a kindergartener that doesn't know how to share.
You probably want your code protected so that someone other than you can't modify it at runtime, from an external source... if you understand what I'm getting at.
I'm pretty sure the types of DRM that are being referred to here are the kinds that hide a secret key in a "black box" on the consumer's device, and then sell the consumer content that can only be decrypted by that black box.