Over at Engadget, JD Lasica interviews outgoing MPAA head Jack Valenti. In the interview, Valenti repeats several of his classic arguments.
For example, here’s Valenti, in this week’s interview, on fair use:
Now, fair use is not in the law.
We heard this before, in Derek Slater’s 2003 interview with Valenti:
What is fair use? Fair use is not a law. There’s nothing in law.
(Somebody should send him a copy of 17 U.S.C. 107.)
Here’s Valenti, this week, on the subject of backups:
Where did this backup copy thing come from? A digital thing lasts forever.
Here he is in the 2003 interview:
[A DVD] lasts forever. It never wears out. In the digital world, we don’t need back-ups, because a digital copy never wears out. It is timeless.
(Backing up digital data is, of course, a necessary ritual of modern life. Who hasn’t lost digital data at some point?)
Interestingly, in the recent interview, unlike the 2003 one, Valenti shows a blind faith in DRM technology:
I really do believe we can stuff enough algorithms in a movie that only the dedicated hackers can spend the time and effort to try to plumb through those 1,000 algorithms to try to find a way to beat it. In time, we’ll be able to do this, because I have great faith in the technological genius that’s out there.
….
We’re trying to put in place technological magic that can combat the technological magic that allows thievery. I hope that within a year the finest brains in the IT community will come up with this stuff. A lot of people are working on it—IBM, Microsoft and maybe 10 other companies, plus the universities of Caltech and MIT, to try to find the kind of security clothing that we need to put around our movies.
It may be possible to so infect a movie with some kind of circuitry that allows people to copy to their heart’s content, but the copied result would come out with decayed fidelity with respect to sound and color. Another would be to have some kind of design in a movie that would say, ‘copy never,’ ‘copy once.’
Even ignoring the technical non sequiturs (“stuff … algorithms into a movie”; “infect a movie with … circuitry”), this is wildly implausible. Nothing has happened to make the technical prospects for DRM (anti-copying) technology any less bleak.
We can only hope Valenti’s successor stops believing in “technological magic” and instead teaches the industry to accept technical reality. File sharing cannot be wished away. The industry needs to figure out how to deal with it.
Michael:
I mentioned “watermarking” because you compared a hypothetical digital display that refuses to play copyright audio or video with the banknote-recognition on color photocopiers — but the banknote-recognition is based on watermarking technology, so it’s a false analogy. I know perfectly well that song-recognition is nothing to do with watermarking, and you’re the one who’s confused.
Even if it’s only 1000 songs, a system for recognizing “unauthorized” content on one’s own computer is not feasible. Implementing fuzzy logic is not a straightforward task, and it would likely mean that the “recognition” part of any media-playing device would be bigger than the part which actually plays the media. A hugely expensive additional “feature” which impedes the consumer, no-one’s going to buy it. And such a system is bound to lead to false positives. What will it do with a home-recorded karaoke version of a hit song?
And finally, I don’t think it’s the business of the player to veto what is being played.
Michael:
Legislation mandating that such devices only support DRM’ed content is not likely to pass anytime soon.
If the encryption is done at the client (which is the case with iTMS), then you can reverse engineer the client and create an application which lets you encrypt unauthorized content.
I’ll have to defer to Ed to comment on the technical prospects for watermarking technology.
Yeah, I think that one potential solution to DRM issues is playback devices that can recognise when they’re playing unauthorised movies and songs. (It’s not necessary that they recognise *every* movie and song; recognising the 10000 most popular movies and songs (maybe even 1000) would probably be enough.)
This wouldn’t involve watermarking content, by the way; I don’t know how Shazam Entertainment’s music recognition system works, but it clearly doesn’t use watermarks that Shazam has previously embedded into songs.
Since an integrated mobile phone/music player has basically all the pieces needed to make this work right now, I don’t think such a system is technically impossible. (This particular system would suck since it gives some centralised system access to whatever it is that you’re listening to, but with enough CPU power and storage the recognition could be done on your own box, especially since it doesn’t have to be done in real-time: analysing a few minutes of audio every hour would probably be sufficient.)
Michael:
Photocopiers do not know about every banknote in the world: instead they recognize certain intricate dot/line patterns embedded into the designs of most banknotes (although not, so I’m told, most US ones). This is a sort of watermark feature, but of course this is not feasible in music or video: you can’t have a watermark without either distorting the sound or display (which detracts from the experience), or making it trivial to remove (as Ed has of course demonstrated).
“It should be possible to develop displays that can tell when they’re playing a movie, and that request appropriate authorisation when so. ”
Right, so you propose that every computer in the world be able to recognize every single movie or song in the world? Because while this sort of fuzzy logic is possible (as shown by the identification of songs over the phone) the amount of computing power and storage it would take is huge. Or perhaps it would work by connecting the computer to the internet each time a file is played, but the search would take some time *and* it seems unfair if you’re trying to play your home video and can’t because the computer can’t net up and check that it isn’t on the copyright database.
Ed:
Thanks for your clarification, but I’m still confused. If Palladium can be implemented, but it cannot prevent P2P-style infringement, then in what sense has it been implemented? What is the referent of the “wildly implausible” of your original post?
I think your step (1) can be made significantly harder than it is now. (See comment to Jon above.) I think step (3) can be too: it should be possible to develop displays that can tell when they’re playing a movie, and that request appropriate authorisation when so. (Similar to the way in which color photocopiers refuse to copy bank notes.) There’s already a service that will identify pop songs over the phone; it can’t be much more difficult to do movies. This will require a CPU on the display, and some sort of network access, but in five or ten years this won’t be burdensome.
Jon:
Getting access to the plaintext doesn’t help very much if everyone else’s devices (e.g. generation 10 iPods) refuse to play anything unless it’s been encrypted with both its own public key, and encrypted/signed by the content store’s private key.
(Also, you probably don’t want to distribute the plaintext itself–it will probably have been individually watermarked so that the purchaser can be identified, and so that individual copies can selectively be “deactivated.”)
Michael:
My statement quoted in the Chronicle (“If Palladium is adopted, and if other technology vendors exploit it fully to restrict access to copyrighted works, education and research will suffer.”) is perfectly consistent with my statement here that the prospects for DRM are bleak. If it is adopted and exploited, Palladium will harm education and research; but it won’t prevent P2P-style infringement.
The question of whether Palladium can be implemented is separate from the question of whether it can prevent P2P infringement.
Michael:
Here is the scenario that the MPAA wants to prevent:
(1) Technically Skilled Person rips content into unprotected form.
(2) T.S.P. redistributes the unprotected content, on physical media or via P2P.
(3) Thousands of ordinary users acquire and play the unprotected content.
DRM cannot stop any of these steps. It can’t stop step 1, because it can’t stop technically skilled people from ripping the content. It can’t stop steps 2 or 3 because the content is no longer protected by DRM when those steps occur.
“People can buy bolt cutters too, but people are still pretty comfortable with thinking of their pad-locked gates as “fairly secure.””
That’s because “withstands bolt cutters” isn’t intended to be one of the security properties of a normal pad-lock. The primary security property of a DRM system is to prevent unauthorized access to the content in plaintext. FairPlay doesn’t do that anymore.
“you can read my “fairly secure” as “economically secure” if you like”
I agree that FairPlay still serves as a “convenience speedbump”, if that’s what you’re referring to by “economically secure”.
Ed on speedbumps: http://www.freedom-to-tinker.com/archives/000586.html
“This is not necessarily true. The content you receive might be encrypted so that only your security chip (integrated with your sound and graphics card?) can decrypt it, for example.”
The point of modchipping your hardware would be to get access to the content in plaintext.
Schneier: “Microsoft readily acknowledges that Pd will not be secure against hardware attacks.”
“Bruce Schneier doesn’t seem to think Palladium is technically impossible”
Creating complex software that is bug-free isn’t technically impossible either.
Schneier: “Like everything else Microsoft produces, Pd will have security holes large enough to drive a truck through. Lots of them. And the ones that are in hardware will be much harder to fix.”
“If people want to circumvent FairPlay, they can. Whether people actually do so has no bearing on the security properties of FairPlay.”
People can buy bolt cutters too, but people are still pretty comfortable with thinking of their pad-locked gates as “fairly secure.” I don’t think it’s inaccurate to describe FairPlay as “faily secure” but you can read my “fairly secure” as “economically secure” if you like; this is all that counts.
I hadn’t seen FairKeys, thanks. I think my point remains though: for whatever reason, the ordinary person doesn’t use it.
“It only takes one person with modchipped hardware to make the content available on P2P networks.”
This is not necessarily true. The content you receive might be encrypted so that only your security chip (integrated with your sound and graphics card?) can decrypt it, for example.
Bruce Schneier doesn’t seem to think Palladium is technically impossible:
http://www.schneier.com/crypto-gram-0208.html#1
Neither does (did?) Edward Felton, actually:
“If Palladium is adopted, and if other technology vendors exploit it fully to restrict access to copyrighted works, education and research will suffer.”
http://chronicle.com/free/v49/i24/24a02701.htm
I don’t see how this squares with the statement that the “technical prospects for DRM” are “bleak.”
Thanks for posting this, Ed. Jack is always good for a few laughs. You have to love his comment that “a digital thing lasts forever.” As I posted on my blog, Fox Home Entertainment, a division of MPAA member Twentieth Century Fox Film Corporation, is so convinced that DVDs don’t last forever that they offer an official DVD replacement program.
>(Somebody should send him a copy of 17 U.S.C. 107.)
Aboslutely. Why don’t you do it? It really is a great idea.
“Why are the technical prospects are “bleak”?”
Once you hand the attacker both the ciphertext and the key(s), you’ve already lost. Obfuscation only delays the inevitable.
“Even Apple’s FairPlay is fairly secure despite operating without hardware support.”
FairPlay hasn’t been “secure” since early January.
“Nothing has happened to make the technical prospects for DRM (anti-copying) technology any less bleak.”
Why are the technical prospects are “bleak”? There don’t appear to be any technical hurdles to Pallidium, for example. Even Apple’s FairPlay is fairly secure despite operating without hardware support.
Valenti doesn’t seem to be asking for the copy protection scheme to be completely secure (“If everything stayed just as it is right now, we could probably survive it, because even with broadband it takes at least an hour to bring down a movie”), just that it make copying difficult.
I was rolling regarding another truly silly point of the interview, his analogy to the congnac glasses. That was simply ridiculous. I believe his comparison would be completed more honestly if he proposed you not be sold the adhesive to fix the broken glasses.
Actually, I think he’s evolved that meme over time.
Didn’t he used to say something like “There’s no right to fair use in the law” ?
I’m sure that Valenti is not ignorant of the laws governing fair use. This is sadly another example of a technique that seems to work for everyone but the good guys: outright lying works. Valenti states: “Fair use is not a law.” This isn’t him being stupid; he’s lying, but with the kind of macho forcefulness that pretty much stops questioning in its tracks.
This technique works because it recognizes that people respect fame. Certainly it’s easy to prove Valenti wrong in blogs or in the corrections page of the paper the next day, but who’ll ever know? A single meme escapes: “Fair use is not a law” and instantly the argument has to be “well, no, there’s this or that law that says blah blah” and that’s too many words.