Back and now sorry for the hiatus but I just had my first child! (Tuesday 10/7, at 6:03p 9lb 4oz) anyway, on to the blog…
I have tried very hard to avoid too much talk about DRM(digital rights management). For those who don’t know, DRM is used by companies to prevent sharing/distributing their software without paying them for the right. This has cause users both legitimate and illegal problems.
Now I’ve worked both computer security and physical security as well as a mix of both. The core of the problem in both cases is that you need to make it very hard or impossible for the ‘bad guys’ to get in while making it easy for the good guys to get in. So it comes down to telling the good and bad apart. Unfortunately I have not seen a single DRM solution that tries to do the basic task of knowing the difference between a legal user and an illegal one. Instead EVERYONE gets treated like they are one of the ‘bad guys’.
Now I’m all for someone trying to protect their work, but when you treat customers like the enemy it makes no sense for business. Unfortunately this is in essence a weak interface problem. The people/companies don’t understand how things online work. This is not like placing a small circuit inside a physical product so the alarm sounds when you leave the store without paying. They REMOVE the circuit when you pay and it does not make it difficult to use the product or affect you in any way once you leave the store. Software DRM on the other hand stays with the product, slows down your computer and may even collect private information about you.
In fact retailers are starting to resist the idea of DRM. The UK’s largest retailer of online music has said that 3 out of 4 (75%!) of customer issues are about DRM causing computer problems. (http://arstechnica.com/news.ars/post/20070318-75-percent-customer-problems-caused-by-drm.html)
In essence DRM is about treating everyone like a criminal. In fact it punishes the ‘good guys’ and not the bad. If you have any knowledge at all as a ‘bad guy’ you know how to remove the DRM or find illegal sources so only the good guys are punished.
Apple iTunes store has DRM and has caused all sorts of problems. The DRM violate the customer’s rights and there are lawsuits about it (http://p2pnet.net/story/9003). In short it’s as if you buy a TV and the store has the right to enter your house and turn it off if they want to and you have no power to stop them.
This article is self explanatory: “Wal*Mart shutting down DRM server, nuking your music collection — only people who pay for music risk losing it to DRM shenanigans” (http://boingboing.net/2008/09/26/walmart-shutting-dow.html)
As I said only the good guys end up being punished making it in the best interests of everyone to steal/share music. DRM = “Follow the rules get screwed in the end”.
Dear reader if you have any influence at all, anywhere tell them to talk to me. This can be done the right way to keep the ‘bad guys’ out but not hurt the good guys. The problem comes down to the fact that a company asks for software to prevent file sharing but does not consider differentiating one person from the next. What is really needed is new DRM that takes not only the retailers interests into account but also the customer. Before every former customer does what is in their best interests and become a ‘criminal’
I’ve said it before, ask the experts. Find a person or group who understands security, business, software, and the customers then get them to give you what you need.
Take care and Good Luck.