Apple’s DRM Cracked Again (As Expected)
Flashback to December 3, 2003:
None of this technology that you’re talking about’s gonna work. We have Ph.D.’s here, that know the stuff cold, and we don’t believe it’s possible to protect digital content.
What’s new is this amazingly efficient distribution system for stolen property called the Internet — and no one’s gonna shut down the Internet. And it only takes one stolen copy to be on the Internet. And the way we expressed it to them is: Pick one lock — open every door. It only takes one person to pick a lock.
- Steve Jobs, The Rolling Stone Interview
Within hours of yesterday’s release of iTunes 7.0, Apple’s DRM was cracked again, just as expected. Steve was correct in 2003 when he said that it wasn’t possible to protect digital content. This is because DRM is broken in a very basic way:
DRM systems are broken in minutes, sometimes days. Rarely, months. It’s not because the people who think them up are stupid. It’s not because the people who break them are smart. It’s not because there’s a flaw in the algorithms. At the end of the day, all DRM systems share a common vulnerability: they provide their attackers with ciphertext, the cipher and the key. At this point, the secret isn’t a secret anymore.
- Cory Doctorow, Microsoft Research DRM talk
In other words, encyption only keeps something secret when the person breaking the encyption doesn’t know the encrytion key. Unfortutely for DRM, the media player on the user’s computer must have the key embedded somewhere in it to be able to play back the purchased media. In effect, all the user has to do is find the key inside of the media player or alternately figure out how to grab decrypted output from the media player. Once one person figures out how to do one of these things, they can write an application to do it for everyone else and the system is broken wide open.
This cycle repeats every time a new DRM-protected application is released. Pirates quickly figure out how to copy the protected cotent, but average users play by the rules and have to put up with frustrating limitations. Ultimately, DRM is only good for two things - giving media companies a false sense of security and frustrating honest customers.
technorati tags:drm, itunes, hymn, encryption, doctorow, jobs
3 Comments so far
Leave a reply
[...] Wherever you look across the country, there are similar examples. Content providers insist of protecting their content with DRM systems that don’t work while libraries do their best to meet the needs of as many patrons as possible given the current DRM situation. Given the rate that DRM systems are changed or abandoned, many more dollars might be wasted on shorted-sighted programs before a long-term solution is found. Until then, the battle for digital libraries will continue. [...]
[...] Most online music stores employ some form of DRM to attempt to prevent customers from making unauthorized copies of music they have purchased. However, DRM systems are impossible to completely secure and are usually cracked within a few months of release. [...]
[...] The premise of the post was that DRM is impossible to secure, so this back-and-forth battle would continue indefinately. Yesterday’s post ended with a prediction: But for now, the battle continues without an end in sight. Viodentia has already announced that a new verison of his program will be available within days to work around Microsoft’s latest patch. A response from Microsoft soon after is all but assured. [...]