November 28, 2024

Audible Magic, Revealed

Chris Palmer at the EFF published a piece this week debunking the Audible Magic technology. He focuses on the CopySense technology.

Audible Magic’s CopySense

Industries to Form Yet Another DRM Consortium

A group of large movie and technology companies is about to form yet another consortium to solve the digital copyright problem, according to a John Borland story at news.com. This looks like one more entry in the alphabet soup (SDMI, CPTWG, ARDG) of fruitless efforts to standardize on an effective anti-copying technology.

The new entity will fail just as badly as the old ones, and for the same reason: there is no effective anti-copying technology on which to standardize. You can get together as many company representatives as you like, and you can issue as many joint reports and declarations as you like, but you cannot change the fact that the group’s goal is infeasible. This just isn’t the sort of problem that can be solved by negotiation.

But perhaps the group’s real goal is to limit the use of digital media technology by law-abiding consumers. That’s certainly achievable. And, as Ernest Miller notes, they may also be able to erect barriers to entry in technology markets, by creating “security” requirements that lock out smaller companies.

In the end, my prediction is that the new group will fail to reach any meaningful agreement. They’ll hold some meetings and issue some vaguely optimistic press releases, but when it comes to the hard technical issues, they’ll fail to reach a consensus.

Despite this, the group will provide its members with a certain piece of mind. It will help the movie companies sustain their fantasy of the infringement-free, pay-per-view future. And it will help the tech giants sustain the fantasy that they, rather than their customers, will decide the future of media technology.

Velvet Revolver Album Not DRMed in Japan

I wrote recently about the Velvet Revolver album that is “protected” by SunnComm ‘s ineffectual CD anti-copying technology. The technology was doomed to fail – and has in fact failed – to keep the music off the popular P2P filesharing systems.

It turns out that things are even weirder than I had thought: the very same album was released in Japan without DRM (according to Alex Halderman, who has a copy of the Japanese release). So even if the DRM technology were perfect, the music still would have leaked, via Japanese buyers, onto the P2P darknet.

DRM costs the record company money to deploy, because the DRM technology must be licensed, and because of lost sales due to DRM-induced consumer inconvenience. So why in the world would a record company pay to DRM an album in some places and not in others?

One possible explanation is that the record company is not thinking clearly about the consequences of their DRM strategy. Based on the conversations I have had with record industry executives about their DRM strategy, this theory is quite plausible.

Another possibility is that they aren’t actually trying to prevent P2P copying of this album, but are instead trying to create evidence that US consumers will accept DRMed products. As I wrote previously (“Lame Copy Protection Doesn’t Depress CD Sales Much”), experience with the Velvet Revolver album seems to indicate that consumers see the DRM as a drawback, but many are buying it anyway because they think the music is good enough to outweigh the harmful DRM.

A third possibility is that they are worried about some other threat model, not involving P2P. Perhaps they think the DRM can prevent individual disc-to-disc copying. It’s not clear how much the technology will really do to prevent such copying, or how many sales would be saved by preventing such copies. (My guess is that most people who make disc-to-disc copies would not have bought a second copy.)

My best guess is that this is just one of those odd behaviors ones sees in large organizations that are in denial about an important issue. Shipping DRMed discs in the US shows that deployment of CD DRM is proceeding on schedule, thus allowing some in the industry to maintain their self-delusion that the CD DRM strategy is viable.

Computer Ate My Vote Day

Tomorrow, July 13, is “Computer Ate My Vote Day”. Rallies will be held in many states across the U.S, to ask state officials to use safe and reliable voting technologies. I’ll be speaking at the New Jersey rally, at noon on the steps of the State House in Trenton.

Security Theater

Lots of people are telling airport-security stories these days. Thus far I have refrained from doing so, even though I travel a lot, because I think the TSA security screeners generally do a good job. But last week I saw something so dumb that I just have to share it.

I’m in the security-checkpoint line at Boston’s Logan airport. In front of me is an All-American family of five, Mom, Dad, and three young children, obviously headed somewhere hot and sunny. They have the usual assortment of backpacks and carry-on bags.

When they get through the metal detector, they’re told that Mom and Dad had been pre-designated for the more intensive search, where they wand-scan you and go through your bags. This search is a classic example of what Bruce Schneier calls Security Theater, since it looks impressive but doesn’t do much good. The reason it doesn’t do much good is that it’s easy to tell in advance whether you’re going to be searched. At one major airport, for example, the check-in agent writes a large red “S” on your boarding pass if you’re designated for this search; you don’t have to be a rocket scientist to know what this means. So only clueless bad guys will be searched, and groups of bad guys will be able to transfer any contraband into the bags of group members who won’t be searched, with plenty of time after the security checkpoint to redistribute it as desired.

But back to my story. Mom and Dad have been designated for search, and the kids have not. So the security screener points to the family’s pile of bags and asks which of the bags belong to Mom and Dad, because those are the ones that he is going to search. That’s right: he asks the suspected bad guys (and they must be suspected, otherwise why search them) which of their bags they would like to have searched. Mom is stunned, wondering if the screener can possibly be asking what she thinks he’s asking. I can see her scheming, wondering whether to answer honestly and have some stranger paw through her purse, or to point instead to little Johnny’s bag of toys.

Eventually she answers, probably honestly, and the screener makes a great show of diligence in his search. Security theater, indeed.