JamieG Analysis

Firstly I would like to say that this article is not about the possible evil use of DRM. In the blogesphere, the word “DRM” has a very negative connotation. I would like the reader to look past this and examine some of the technical issues I would like to discuss. However, I do need to set up some boundaries.

Lets first have a look at “Open Source DRM”. GPL3 has included some anti-DRM provisions. (See THIS) Some well known pundits of GPL (Ie see THIS story about Linus Torvalds) have written about how DRM and open source cannot integrate and are at odds with each other. This could be considered an idealistic approach as is a utopian society. Both, I fell are not realistic.

Some exampled of DRM that we use in our every day life, and completely accept are;

1. Software Protection. It is commonly cracked, however, few if any disagrees with the idea. GPL pundits have not complained about commercial software having copy protection while running on LINUX.
2. OpenPGP, DES, OpenSSL and countless other encryption tools based on open standard and used to protect commercial and non-commercial tools and information every day.
3. Distribution of a content in NON-digital form. I consider this a form of DRM as it helps control the distribution of content. For example, a vinyl record, due to the fact you had to purchase a lot of equipment and time to produce a copy. Also, the latest Harry Potter book that was scanned and distributed. Some one still has to go through the process of scanning the book and preparing it. This takes time and has no reward. The Harry Potter book may have had enough hype around it for this happen but most will not.

It is important to point out here that DRM, by its nature, will always fail. Be it simply by the fact that at some point it has to go back to analog, as out eyes and ears are analog. Any analog signal can be copied. DRM, by the current incumbent players, due to the overwhelming fact that it has a loosing battle, has been implemented in such a way as to make the legitimate and paying end user feel like a criminal. “Down with DRM” is found tagged on forums around the web.

Lets now have a look at a real life example of an OPEN DRM. This DRM is just as important, if not more important then any DRM we are using on the internet. It is called DCI. (Digital Cinema Initiative.) The website contains a specification which describes how movies will be distributed in DIGITAL format. Ie, in the best possible distribution format currently available. This video format is JPEG2000, and the encryption is AES-128. This is, to all intensive purposes, an OPEN DRM. It is based on a non-proprietary encryption. It has been in use for a number of years.

What I am leading up to here is that DRM is a tool and not a solution. Realistically, the objective here is to:

1. Introduce an inconvenience of making unauthorised copies of media.
2. Help the end user understand that the media has value and cannot be treated the same as a typical file as far as simply popping on a P2P.
3. Encourage the user to respect the the fact that media has a cost involved and needs to have some type of payment involved to watch/listen. (Ie advertising, promotion or real payment)

This should be possible while, at the same time, providing the media consumer with a pleasant and rewarding experience. The degree of media restriction will be varied depending on the model and consumers expectations.

I would hope I have a resonable position here, and if so, what next.

What we need now, and what I hope to encourage, is the implementation of an OPEN DRM based on open source software which is a simplified version of what one could call a DRM. The objective is to totally remove the “Gate Keeper” and his inflated costs from the distribution chain.

(An example of a Gate Keeper: Apple Itunes or any on-line shop. These organisations take a large proportion of the media sale and are justified as they bring to the table marketing, of which you could do yourself, and media protection or DRM, of which you cannot, and therefore are more likely to use them.)

Lets look at the new Web-Joost player. (And here is where I get technical)

Web-Joost is an impressive proof of concept. Now, if we could implement a social networking module behind the application which replaced the Marketing portion (Ie like a digg.com), then allow the producers to host there own content and implementing an individual custom key and encryption.

For example, the Producer could select a common encryption like AES, then write or modify a module that generated the KEY. This could be done individually for every piece of media. In the end we would have a DRM that would not be that hard to crack, however, every piece of media would have to be cracked individually. Ie, this would mean,anyone wishing to crack a lot of media would be spending all him time cracking. Not Crack once then a free for all like DVD.
This is near feasible with Web-Joost, Flash, and Actionscript 3. From my understanding, however, is is likely not possible.

Microsoft Silverlight (Still in Beta), very similar to FLASH, may have the legs to do this.

However, Adobe and Microsoft are unlikely to support these moves as they have business modems which are trying to make this market into there future cash cow. This is understandable. They are listed companies trying to maximise the returns to the investors.

To end up, I would like to point you at a company doing this now. www.jaman.com. This is an example of the implementation I describe but as a Web2.0 company, and not OpenSource.