The EFF has posted a very nice piece (apparently written by Seth Schoen) on “trusted computing” systems. The piece makes two important contributions to the debate. First, it gives the best simple introduction to trusted computing technologies that I have seen. Second, it suggests “owner override,” a technological tweak that would largely eliminate the downside of trusted computing (i.e., our loss of control over our own computers), while preserving most of trusted computing’s security benefits.

Lisa Rein has posted (with permission) a video of my short presentation at the Berkeley DRM conference. I talked about the push to turn technologies into “black boxes” that the public is not allowed to study, understand, or discuss, and how that paralyzes public debate on important issues such as electronic voting.

In today’s Los Angeles Times, Jon Healey writes about a new DRM proposal from a company called Music Public Broadcasting. The company’s claims, which are not substantiated in the story, give off a distinct aroma of snake oil.

The warning signs are all there. First, there is the flamboyant, self-promoting entrepreneur, newly arrived from another field. In this case, it’s a guy named Hank Risan, who was previously a dealer in high-end musical instruments.

“He is a very flamboyant guy, and he does things with a level of style that I don’t think is duplicated in the fretted-instrument industry,” said Stanley Jay, president of Mandolin Bros. Ltd., another elite dealer of stringed instruments. “In this industry, to make yourself stand apart, you need to be self-promotional. And he does that extremely well.”

Second, there’s the vaguely articulated theoretical breakthrough, described in mystical terms unintelligible to experts in the field:

Risan drew on his mathematical skills to come up with a different approach to the problem of unauthorized recording. Drawing on a branch of topology known as network theory, Risan said he could look at the networks a computer uses to move data internally and “visualize how to protect the copyrighted material as it transfers through those networks.”

The firm claims that its technology controls those pathways, letting copyright owners dictate what can and can’t be copied. “We control pathways that don’t even exist yet,” Risan said.

Third, there is the evidence that the product hasn’t been demonstrated or explained to its customers. But if it actually turns out to work, they are of course eager to buy it.

Zach Zalon of Radio Free Virgin, the online radio arm of Virgin Group, said he would love to license technology that prevented his stations’ Webcasts from being recorded by “stream ripping” programs. Stream rippers break through every anti-piracy program on the market, Zalon said, “so if you could somehow defeat that, it’s fantastic.”

An executive at a major record company who’s seen the technology for protecting streams and CDs said he was impressed, although he’s not sure the demonstration can be duplicated in the real world. “If it’s not snake oil, it’s pretty awesome,” he said.

And finally, the new product claims to invalidate an accepted, fundamental principle in the field – but without really explaining how it does so.

But as piracy experts are fond of saying, anything that can be played on a computer can be recorded, regardless of how it’s protected. Encrypted streams and downloads must be unscrambled to be heard on a computer’s speakers or shown on its screen. And there are several programs that can intercept music or video on its way to the speakers or screen after it’s been unscrambled.

As always, the burden of proof should be on those who are making the extravagant technical claims. If Risan and his company ever substantiate their claims, by explaining at a detailed technical level why their products prevent capture of audio streams, then those claims will deserve respect. Until they do that, skepticism is, as always, the best course.