Category Archives: drm


Steve Jobs on DRM: sense and nonsense

Kudos – mostly – to Steve Jobs for his remarks on Apple and DRM. I like his closing comments:

Convincing [big music companies] to license their music to Apple and others DRM-free will create a truly interoperable music marketplace.  Apple will embrace this wholeheartedly.

Yes please. But while I applaud these remarks, I have to note some curious logic in the rest of his defence of Apple’s DRM policy. Remember, the essence of the complaint against Apple is that it will neither license its FairPlay DRM to others, nor support other DRM schemes in its iTunes store. The consequence is that iTunes customers are locked to Apple’s software, and for portable devices, largely to its hardware as well.

Jobs says Apple doesn’t license FairPlay because it could compromise its “secrets”:

The most serious problem is that licensing a DRM involves disclosing some of its secrets to many people in many companies, and history tells us that inevitably these secrets will leak.

However, Jobs has already stated that such secrets often get cracked anyway. The intransigent problem is that the keys reside on the user’s own machine:

In other words, even if one uses the most sophisticated cryptographic locks to protect the actual music, one must still “hide” the keys which unlock the music on the user’s computer or portable music player.

This is a greater impediment to FairPlay’s security than licensing it would be. Further, any iTunes purchase can be burned to CD and ripped to unprotected files, albeit with loss of quality if you choose a compressed format. I also note that DVD Jon (as far as I’m aware) achieved his success at cracking DRM by reverse engineering, not industrial espionage.

So this statement makes no sense:

Apple has concluded that if it licenses FairPlay to others, it can no longer guarantee to protect the music it licenses from the big four music companies.

Apple has actually concluded that it can’t “guarantee to protect the music” anyway, irrespective of whether it licenses FairPlay.

Further quibbles: Jobs sees a “a very competitive market”, where others see Apple’s unhealthy dominance, particularly in portable music players.

Another. Jobs says:

Since 97% of the music on the average iPod was not purchased from the iTunes store, iPod users are clearly not locked into the iTunes store to acquire their music.

No Mr Jobs, they are not locked into the iTunes store (yet). They are locked into the iPod to play this music back. Well, subject to the caveats already discussed. And what about iTunes exclusives?

Finally, Jobs notes that “The music companies sell the vast majority of their music DRM-free”, referring to the continuining importance of CD sales, which greatly exceed online sales.

Yet CD sales are declining and will continue to do so. We are having this discussion because we know that those figures will swing, probably quite fast, and that online or subscription sales will dominate the music business.

Users would love to see more legal, DRM-free downloads. In the meantime, Apple’s refusal to interoperate its DRM with others remains anti-competitive.

Technorati tags: , , ,

The best and worst of Vista multimedia

A friend called on Christmas day. She was away from home and had forgotten to set the video to record a couple of TV programmes. We’re testing Vista media center, so it was a matter of going to Vista’s TV guide, scrolling to the programmes she wanted, and selecting Record. What about the transfer to DVD? Next day, I selected Recorded TV, and scrolled through the recordings, each of which has a preview image. When I found the right one, I clicked on it and noticed that Burn CD/DVD was one of the menu choices. So I stuck a blank DVD -R in the drive, clicked Burn CD/DVD, and a while later (quite a long while) it was done. Tested the DVD in a standalone DVD player and it worked fine. I don’t miss VHS one bit.

Now have a read of Peter Gutmann’s Cost Analysis of Windows Vista Content Protection. Gutmann is a security specialist who describes himself as a professional paranoid, which perhaps explains the tone of the piece – he calls Vista’s content protection a “suicide note”. I doubt he is correct in all his conclusions, but nevertheless it shines a fascinating spotlight on this aspect of Windows Vista.

It has always been possible to make unlicensed copies of media such as music and film, but in the pre-digital world it was inconvenient and always involved some loss of quality. Personal computers changed all that, particularly when combined with the cheap storage which we now have in abundance. This is bad news for industries that depend on selling this content rather than giving it away. Hence Vista tries to put media back into its uncopyable box, so that once again you have to purchase the official item.

A single pinprick is enough to burst a balloon, no matter how airtight the rest of it is. Similarly, to protect media you have to protect every link in the chain, from digital source to final output. Vista calls this the Protected Media Path; read the MSDN article here. The system is intricate and complex, and as Gutmann notes there are undesirable implications. The Protected Environment (PE) relies on “trusted components” such as drivers, codecs and content processors. Each component must therefore be signed by Microsoft after a verification process. But what if a bug or design flaw has slipped through, allowing content to be pirated (a pinprick)? Then the component can be “revoked”, which means some hardware or feature in your system will no longer work properly. Content publishers can even specify that their content will not play if a component known to be unsafe is present, by checking against a revocation list.

Ideally, a revoked component will be replaced by an automatically downloaded update. However, Microsoft’s document on the subject acknowledges that this may not always be the case:

In rare cases, an updated version of the component may not be available, for example, the company that implemented the component has gone out of business. If the component is not essential, the PE can work around the issue by not loading the component. If the component is essential, the application is provided with a URL that directs the user to a Web page that has information on the issue.

That might mean no more protected content for you unless you actually replaced the hardware with something else for which trusted components exist. I presume however that you would still be able to play unprotected content. Still, this would be a severe outcome if, for example, you had a large collection of HD-DVD movies that you played on the system.

It is understandable if hardware vendors such as ATI are unenthusiastic about all this. They have to do the work of creating suitable hardware and drivers, but the beneficiaries are the owners of the protected content.

Several obvious questions come to mind:

  • Will this really work? Such a complex system must be vulnerable to the efforts of determined hackers, as other DRM schemes have been in the past.
  • When playing protected content, what are the performance implications?
  • How about when playing unprotected content ? What, if any, is the performance impact of all this content protection then? Perhaps there is none. It strikes me though that there could be unwanted side-effects.

The existence of this DRM edifice also impacts all of us as consumers. When we purchase content, we’d like to be able to play it on as many devices as possible: home stereo, wireless streaming around the house, computers, portable devices. Technology is at last enabling this freedom, but now technology is also taking it away.

I’ll come back to where I started. Whether Vista content protection stands or falls will depend on the user experience. If it is good, as with my DVD burning from media center, then consumers will forgive a lot, to the frustration of anti-DRM advocates. That’s why Apple gets away with the iTunes store/iPod lock-in. If it is bad, this will damage Vista and Microsoft.


Interesting thread here on audio processing in Vista. Here’s what Amir Majidimehr, digital media VP at Microsoft, has to say about DRM in Vista audio (and referring specifically to Gutmann’s piece):

The writer unfortunately, is misinformed about the Vista content protection capabilities. Yes, it is true that Vista has a substantially upgraded *infrastructure* for content protection. However, its usage is optional and no application is forced to use it. To wit, current HD DVD/BD players do not use any of it and as such, are only subject to provisions of copy protection for those formats (namely, AACS). Ditto for any third-party application that you may run on Vista. As long as they don’t call the new facilities, they run as they did always.

So for all practial purposes, Vista and XP behave the same wrt to playback of digital media.

Vista does allow new applications to provide a new level of robustness against attacks should they wish to provide this level of content protection. That may enable them to get access to content that would not be available otherwise (think HD downloads near Theater release window). As this feature required core operating system changes, we incorporated them into Vista. As with all new facilities, it may be years before they are taken advantage of.

That’s reassuring with respect to my third question above.

Customer complains about iTunes DRM, gets refund

When Anthony Marrian purchased the comprehensive Bob Dylan “digital box” from Apple’s iTunes music store, which retails for a not insignificant £169.99, he was looking forward to playing it both at home and when out and about with his iRiver H340 music player. He was disappointed to discover that the files were “not recognized” by his player and complained to Apple.

I told them that at no point during the sales process was there any indication that the download would only work on an iPod. They replied that all their sales were non-refundable.

He persisted.

This resulted in “My name is Patrick and I will be assisting you. I understand that you are unhappy about not getting a refund for your Bob Dylan album. I know that can be frustrating”. Patrick then invited me to leave feedback on a web page which states “Comments will be read but not replied to”. After I’d suggested to Patrick that leaving additional feedback was likely to be a waste of time given that he had already replied to the only feedback I wished to leave, I got an email from Sam who said that in this one, exceptional, case s/he was prepared to refund me.

Kudos to Apple for the refund, which surprises me. I doubt it was legally required, since the iTunes small print includes all sorts of restrictions. But Marrian’s experience illustrates the DRM problem: many customers of online music stores have an expectation that they can make full personal use of what they buy, when the reality is different.

Even without the DRM Marrian would have problems, since the iRiver device does not support the AAC codec. He could have burned the tracks to CD and ripped them back as MP3 (with loss of quality); or he could have used unauthorised DRM-stripping software to remove the DRM and then converted them using a utility, again with loss of quality. Apparently Apple’s customer service folk did not propose either solution, and I agree with them: if you spend £169.99 on music you don’t expect to have to jump through hoops to play it.

The situation seems almost hopeless. If Microsoft prosper with Zune, then the world gets yet another lock-in DRM scheme to contend with; yet even that may be better for the consumer than a continuing lack of effective competition for iTunes/iPod.

The irony is that pirates who freely exchange copyright MP3 or even non-lossy Flac music files are getting a better product than the law abiding folk who are willing to buy legal downloads.

The best hope is that either anti-trust regulators like the Norwegian Consumer Ombudsman force Apple and others to give consumers a better deal; or that potential customers like Anthony Marrian simply refuse to buy on the terms currently offered.

I’m also in the latter camp. In fact, the latest iTunes music store appears to be blocked by my firewall; I get this:

I’m in no hurry to get it fixed.


Frank Shaw says  phones will beat the iPod. Maybe. Three things though:

1. We haven’t seen the Apple phone yet.

2. The telecom companies may have the hardware, but have not yet matched the iTunes music store to win download purchases.

3. Integration. Apple does a great job of integrating internet store/PC or Mac/iPod; and is bringing the home TV into the loop as well. Oh yes, and all those iPod docks fitted in cars these days. To win you need to match the whole ecosystem, not just a part.


Technorati tags: , , , ,