Every other day, Slashdot has a story about DRM. Most of the stories follow the same basic outline: Foo has DRM, ergo, Foo is bad (where Foo is Microsoft/Vista/etc.). In some cases, the choices that companies make about DRM cause me to scratch my head and wonder what they were thinking (WiFi music sharing on a certain mp3 player?). However, for the most part, DRM simply doesn’t matter.
The biggest noisemaker has been the new DRM features in Windows Vista. Ask a vocal DRM opponent why Linux is better than Vista and they’ll tell you that “Linux is better because it doesn’t have DRM. Vista restricts what you can do with your LEGAL music, but Linux lets you do whatever you want”. The details vary, but this is the basic idea reiterated over and over. The implication here is that Vista takes away some feature that is available in Linux, or in some previous version of Windows. Obviously, this is simply not true. Vista has all the features available previously, but also has the ability to present content that has been encrypted with DRM technology. Vista does nothing to stop music or movie piracy. Vista can still play MP3s/OGG/DIVX/XVID, and does nothing to prevent pirates from putting that content onto BitTorrent.
Even so, I still believe that DRM doesn’t matter. The first reason DRM doesn’t matter is that, in the end, customers will speak with their wallets. They will buy the product that they get the most value out of. If customers decide that restrictive DRM represents a significant decrease in utility to them, they will buy something else. The RIAA may blame its declining sales on piracy, but it cannot forget that every economic good has substitutes. When customers get fed up with restrictive DRM, they’ll spend their money elsewhere.
The second reason DRM doesn’t matter is that it’s fundamentally flawed from a technical perspective. From a cryptographic standpoint, DRM is the equivalent of handing over the ciphertext and the decryption key, and asking the program not to decrypt the data. This system absolutely relies on secrecy and obscurity. And as any security expert will tell you, obscurity is not security. This is also the reason why Linux will never be “capable” of DRM: an open system is incapable of maintaining obscurity.
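
The trust model described above, as an added example that is not part of the original post: a toy stream cipher and a hypothetical `LicensedPlayer` class, both constructed for illustration, show that the encryption keeps outsiders out while the usage limit is only an ordinary check in code that runs where the key already lives.

```python
import hashlib
import secrets

def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher (illustration only): XOR with SHA-256(key|nonce|offset)."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + off.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

class LicensedPlayer:
    """Hypothetical client: it is shipped the ciphertext, the key and a policy."""
    def __init__(self, key: bytes, nonce: bytes, ciphertext: bytes, max_plays: int):
        self._key, self._nonce, self._ct = key, nonce, ciphertext
        self.plays_left = max_plays

    def play(self) -> bytes:
        # The usage rule is a plain conditional, not a property of the cipher.
        if self.plays_left <= 0:
            raise PermissionError("license exhausted")
        self.plays_left -= 1
        return keystream_xor(self._key, self._nonce, self._ct)

def threat_model_demo() -> dict:
    content = b"constructed sample track " * 4   # constructed sample data
    key, nonce = secrets.token_bytes(32), secrets.token_bytes(12)
    ciphertext = keystream_xor(key, nonce, content)

    # Party without the key (e.g. someone who copied only the file): noise.
    outsider = keystream_xor(secrets.token_bytes(32), nonce, ciphertext)

    player = LicensedPlayer(key, nonce, ciphertext, max_plays=1)
    first = player.play()
    try:
        player.play()
        refused = False
    except PermissionError:
        refused = True

    # The recipient's machine stores the same key and ciphertext the player
    # uses, so the cipher itself places no limit on the recipient.
    recipient = keystream_xor(player._key, player._nonce, player._ct)
    return {
        "outsider_reads_content": outsider == content,
        "first_play_ok": first == content,
        "second_play_refused": refused,
        "recipient_reads_content": recipient == content,
    }

if __name__ == "__main__":
    print(threat_model_demo())
```
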