Tuesday, February 28, 2006

imho DRM7


Found content: http://www.itarchitectmag.com/shared/article/showArticle.jhtml;jsessionid=1QXBNWQSDF4GUQSNDBECKH0CJUMEKJVN?articleId=174400783

My take:

DRM is another name for cryptographic containers that wrap content in persistent policies under the control of the content’s creator and/or owner. It’s also another name for whatever bad dream all that crypto conjures in your fevered imagination. For some folks, it’s hard to look at crypto without a post-9/11 night sweat: as another type of dangerous munition that may be wielded by swaggering world-dominating maniacs, unless we find and defang them promptly.

Think of all of the content that’s created in Microsoft’s software products. I’m writing this blogpost in Microsoft Word 2002 (my other two computers have two more current versions of that program). When I’m done writing this, I’ll copy/paste it into an HTML e-form at http://www.blogger.com/ by means of my Microsoft Internet Explorer 6.0 browser. If I get tired before I’m finished writing, and before I post, I’ll e-mail the unfinished text from my Microsoft Outlook Express client through my Microsoft HotMail account to another e-mail account (on Microsoft Exchange) that I’ll access in the morning through Microsoft Outlook. Of course, all of that software is running on the several versions of Microsoft Windows that I run on my various computers.

Think of all the potential for Microsoft to wrap its DRM tentacles around my content and your content—or rather, to give us the tools to wrap our personal tentacles around our own content, but with Microsoft-proprietary DRM technologies, including (especially) Windows Rights Management Server. The author (Michel Labelle) of the referenced article (Microsoft’s DRM Conspiracy) thinks a bit too much about it, or so it seems. Doesn’t the following article excerpt sound perhaps just a wee bit alarmist?:

  • “Microsoft has been quietly introducing a number of dubious technologies. First came Windows Rights Management Services (RMS). Digital Rights Management (DRM) is always bad, and it just doesn’t go well with business data. Losing the keys to the DRM store could lock an organization out of all its data….Vista goes so far as to prevent you from viewing DRM content unless you’re using a DRM-equipped monitor….It doesn’t take much of a leap of faith to see that Microsoft is setting us up as a captive market….Once a business goes down the DRM route for security its corporate data store, there’s no getting out. It will be impossible to effectively extract intellectual property that’s locked into a Microsoft proprietary format with Microsoft-specific DRM technology….Unless we heed the alarm, this could turn into a real nightmare.”

Now, I haven’t investigated Microsoft RMS in any great detail, but I take issue with several points in Labelle’s rambling argument.

First, DRM is not always bad—in fact, it’s usually a good thing—especially in the corporate world that is Labelle’s focus. DRM is another name for content and/or code license management technology. As such, DRM doesn’t differ in principle from the discretionary access controls supported in many operating environments, database management systems, and document repositories. Call it discretionary rights management.

Second, DRM, in the corporate world, isn’t usually implemented as a centralized “store” that has a specific set of “keys” that are in danger of being lost and thereby locking away all corporate data in perpetual irretrievable cold storage. DRM is a set of technologies that--depending on approach, vendor, and product—relies on various cryptographic techniques (involving asymmetric/public and/or symmetric/secret keys). More to the point, only an insane corporate database, document, or content manager would centralize all DRM-protected content and DRM keys, and then fail to backup any of this content or crypto material in off-site storage.

Third, what is a “DRM-equipped monitor,” how in the world would it operate, and why exactly would Microsoft design the next version of its client OS to prevent somebody from viewing some DRM-protected content if they don’t happen to be using this strange new display technology? That’s the first I’ve ever heard of a display technology that’s been built to selectively opaque data that the user has retrieved from storage, been loaded in memory, and processed by that node’s CPU. Is it sort of like the “V-chip”? Will it be factory-equipped to conceal data that’s embarrassing to Microsoft?

Fourth, what’s this jazz about DRM as a vortex that sucks businesses down to some hideous abyss, never to be seen from again? You can, of course, use DRM technologies to unlock/liberate data and display/store it in the clear—if that’s the policy you choose for a particular piece of DRM-protected data—or for an entire data set. You can liberate your data from Microsoft’s DRM technology, if you wish, only to lock it up again in SealedMedia or any competitor’s DRM containers.

Finally, was Labelle’s editor paying attention when the following sentence appeared on his or her display (or was the editor viewing Labelle’s draft through one of those magical selective-text-opaquing displays that chose to approve this nonsensical statement)?:

  • “It will be impossible to effectively extract intellectual property that’s locked into a Microsoft proprietary format with Microsoft-specific DRM technology.”

Huh? Come again? So, Microsoft specifically designed its DRM technology to irrevocably lock up any content that is created in a Microsoft proprietary format (.doc, .ppt, .xls, etc.)?

Surely, the Redmond gods must be crazy. Sound the alarm. The bad DRM dream is upon us.

Whew—got that blogpost done—now time to hit the hay. If I dare.