August 8, 2022

Archives for March 2004

Witty Worm Analysis

Peter Harsha at CRA points to an interesting analysis, by Colleen Shannon and David Moore of CAIDA, of the recent Witty worm.

Light Weight

Derek Slater discusses Fraunhofer’s new Light Weight DRM system. Derek is skeptical but states his opinion cautiously, not being a technologist. In any case, Derek gets it right.

It’s hard to see much that’s new in this proposal. If we ignore the newly coined LWDRM buzzword and the accompanying marketing spin, we’re left with a fairly standard looking DRM scheme, of the type I call mark-and-trace.

Mark-and-trace DRM schemes try to put a unique, indelible mark on each legitimate copy of a work, so that any infringing copies found later can be traced, with the aid of the mark, back to the legitimate copy from which they originated. Such schemes have fallen out of favor recently, because of two problems.

First, the mark must really be indelible. If an adversary can remove the mark, the resulting “scrubbed” copy can be redistributed with impunity. Nobody has figured out how to make marks that can’t be removed from music or video. Past attempts to create indelible marks have failed miserably. A notable example is the SDMI watermarks that my colleagues and I showed were easily removed.

Second, blaming the buyer of an original for all copies (and copies of copies, etc.) made from it just isn’t practical. To see why, suppose Alice has a big collection of music on her laptop. Then her laptop is stolen, or somebody breaks into it electronically, and all of her songs end up on millions of computers all over the Net. What then? Do you take all of Alice’s earthly possessions to compensate for the millions of infringements that occurred? (And if that’s the policy, what sane person will buy music in the first place?) Or do you let Alice off the hook, and allow burglars to defeat your entire DRM scheme? Nobody has a plausible answer to this question; and the Fraunhofer people don’t offer one.

Utah Anti-Spyware Bill Becomes Law

Ben Edelman reports that Utah’s governor signed HB323 into law yesterday. That’s the anti-spyware law I discussed two weeks ago. I guess we’ll find out whether the bill’s opponents were right about its supposed burden on legitimate software businesses.