Just when you thought Linux was safe

Interesting development for Linux lies ahead. You would think that Linus would get a clue and realize what DRM *really* is. DRM -in case you don't know- stands for digital rights management, and it is Microsoft's way of transforming our pcs into little more than glorified word processors that have to obtain permission from both both Bill & the entertainment industry before you can do anything.

Think having to activate Office is a pain in the rump? Wait til you get a load of DRM. Eventually you won't be able to install *anything* on your own HD without the express consent from M$oft. And forget about listening to a music CD on the computer. You won't be able to do *that* either without paying the RIAA a percentage for the privilege of listening to music that you already own.

For further ref:
http://www.digitalconsumer.org/
*********************************
<excerpt from politechbot>
Date: Thu, 24 Apr 2003 09:52:07 -0700

Subject: Linus on DRM

Hi Declan,

You may have already seen this, but if not, it's pretty interesting.

----- Forwarded message from Linus Torvalds -----

From: Linus Torvalds
Date: Wed, 23 Apr 2003 20:59:45 -0700 (PDT)
To: Kernel Mailing List
Subject: Flame Linus to a crisp!

Ok,
there's no way to do this gracefully, so I won't even try. I'm going to
just hunker down for some really impressive extended flaming, and my
asbestos underwear is firmly in place, and extremely uncomfortable.

I want to make it clear that DRM is perfectly ok with Linux!

There, I've said it. I'm out of the closet. So bring it on...

I've had some private discussions with various people about this already,
and I do realize that a lot of people want to use the kernel in some way
to just make DRM go away, at least as far as Linux is concerned. Either by
some policy decision or by extending the GPL to just not allow it.

In some ways the discussion was very similar to some of the software
patent related GPL-NG discussions from a year or so ago: "we don't like
it, and we should change the license to make it not work somehow".

And like the software patent issue, I also don't necessarily like DRM
myself, but I still ended up feeling the same: I'm an "Oppenheimer", and I
refuse to play politics with Linux, and I think you can use Linux for
whatever you want to - which very much includes things I don't necessarily
personally approve of.

The GPL requires you to give out sources to the kernel, but it doesn't
limit what you can _do_ with the kernel. On the whole, this is just
another example of why rms calls me "just an engineer" and thinks I have
no ideals.

[ Personally, I see it as a virtue - trying to make the world a slightly
better place _without_ trying to impose your moral values on other
people. You do whatever the h*ll rings your bell, I'm just an engineer
who wants to make the best OS possible. ]

In short, it's perfectly ok to sign a kernel image - I do it myself
indirectly every day through the kernel.org, as kernel.org will sign the
tar-balls I upload to make sure people can at least verify that they came
that way. Doing the same thing on the binary is no different: signing a
binary is a perfectly fine way to show the world that you're the one
behind it, and that _you_ trust it.

And since I can imaging signing binaries myself, I don't feel that I can
disallow anybody else doing so.

Another part of the DRM discussion is the fact that signing is only the
first step: _acting_ on the fact whether a binary is signed or not (by
refusing to load it, for example, or by refusing to give it a secret key)
is required too.

But since the signature is pointless unless you _use_ it for something,
and since the decision how to use the signature is clearly outside of the
scope of the kernel itself (and thus not a "derived work" or anything like
that), I have to convince myself that not only is it clearly ok to act on
the knowledge of whather the kernel is signed or not, it's also outside of
the scope of what the GPL talks about, and thus irrelevant to the license.

That's the short and sweet of it. I wanted to bring this out in the open,
because I know there are people who think that signed binaries are an act
of "subversion" (or "perversion") of the GPL, and I wanted to make sure
that people don't live under mis-apprehension that it can't be done.

I think there are many quite valid reasons to sign (and verify) your
kernel images, and while some of the uses of signing are odious, I don't
see any sane way to distinguish between "good" signers and "bad" signers.

Comments? I'd love to get some real discussion about this, but in the end
I'm personally convinced that we have to allow it.

Btw, one thing that is clearly _not_ allowed by the GPL is hiding private
keys in the binary. You can sign the binary that is a result of the build
process, but you can _not_ make a binary that is aware of certain keys
without making those keys public - because those keys will obviously have
been part of the kernel build itself.

So don't get these two things confused - one is an external key that is
applied _to_ the kernel (ok, and outside the license), and the other one
is embedding a key _into_ the kernel (still ok, but the GPL requires that
such a key has to be made available as "source" to the kernel).

Linus

Removed several e-mail adresses

 

I ignorant enough that I don't understand a word of what he's saying. I'm guessing it's not good news though.
I'm intelligent enough to know that DRM is an insult to computer owners around the world, and I'm scared enough to believe that soon, the freedom to compute the way you want to will no longer exist, except on outdated systems that will not be able to take advantage of any new technology.
Employing new technologies under the guise of combatting piracy and virus problems, will in effect give Bill Gate$ and Company total control over what can be done and how it can be done.
It's an old story, rulers using fear and expediency as a tool to accomplish their own sinister agenda, with little or no opposition from the common masses.
I can remember when men would die for their right to be free and independant.
Now they watch the vomit of reality TV programs, drive their gas guzzling SUVs to and from a box they work in for eight hours a day, and lap up the latest OS that M$ leases on the masses.
I think I'll be ill.

 

I am not happy either,its true root that men and women fought and died for freedom, that still goes on today and yet a very large proprtion of the world is going to accept this without so much as batting an eyelid.
Freedom and privacy are hard fought for and people need to learn whats happening now,otherwise what an insult to decades of freedom fighting.

 

I didn't see any reference to MS in Linus' "e-mail".

I'm no expert either, but DRM appears to me to be a more forceful way to combat piracy, but ok...let's blame Bill. I think Symantec and Autodesk would rather you do that than "blame" them.

Clue me in, Mothman: What *is* DRM? Can someone give a reason *why* a company would knowingly make procuring and installing software more difficult than it already is, if it isn't about managing rights to the software? If the reason is: "So the big bad software companies can make more money!" then I say: You're exactly right...so they can make more money and quit losing money to the pirates. Unfortunately, "one bad apple" is spoiling it for everyone...

Again, I'm not saying I like it any more than anyone else--just that it seems short-sighted to me to blame MS for something that almost all software companies are doing in some way.

<Jim dives into fox hole with Linus and Patrick Henry...>

 

Consider Yourself Enlightened

M$oft and the entertainment cartel -RIAA & MPAA- love people who are sufficiently gullible to believe that DRM is *all* about combating piracy. These are the same people who would go for a great deal on ocean front property in Arizona.

***************************
Digital Rights Management

Panel at Emerging Technology
Dan Gillmor: DRM should be Digital Restrictions Management.

Wish Jack Valenti was here... he's a gentleman and a persuasive, charming guy, even though he doesn't answer direct questions when yhou ask him. He has a big industry behind him.

Joe Kraus: DigitalConsumer.org. In DC with full time lobbying staff. Silicon Valley stays out of politics... "if you don't agree with my position, I should tell you my facts again." Legislators don't respond to this. Also in Silicon Valley assume that new technologies will overcome policy problems, but this is not necessarily the case. We have to acknowledge that there is an attack on innovation. Joe got involved and learned that you can have an effect... it makes a difference for them to know that we eill cheer them on if they upset Hollywood.

Wendy Seltzer of EFF (legal context): This is definitely digital restrictions management - not talking just about the rights of the copyright holder. Also talking about what you can do as someone who wants to design a new system for digital media... restrictions placed in various places... on the media, in the devices that play the media, and on the networks that we use to view/hear the media.

Traditional copyright law prior to DMCA gives copyright holders certain exclusive rights - but they are limited. Still give the right to privately perform and make fair use. Thereare holes in copyright holders rights that are an important part of the balance, that the copyright holder does not have a right to control. Copyright holders using certain technologies to restrict rights - to restrict what you can do with the media. You could debate in the tech realm how effective those restrictions in technology layer were.

DMCA adds another layer - now if there is circumvention of the tech measure or offer tools for the circumvention, it's a crime. It's no longer a question whether you're clever enough to get around the technology - now circumvention is a crime. Goes beyond right to control public performance... e.g. when you buy a DVD you no longer have the right to access it by whatever means, but by the means dictated (licensed) by the copyright holder. Also technologists no longer have the right to tinker with the technology, to study it, to create workarounds even for fair use. Fair use becomes unlawful under DMCA, according to the studio (will hear arguments on that in a specific case Friday morning...)

Film studios use the words theft or piracy, and we're not allowed to discuss the impact on the Internet. ISPs are being told to turn over the names of customers and colleges told to turn off access to certain users to prevetn this 'theft.' Will the restrictions break the technologies?

Bunny Wong: role of DRM in the future. Some solutions require DRM of sorts... e.g. video games you play online. Will TCPA or Palladium be effective means of enforcement? We want a second opinion! Palladium is a sweeping change... encrypt video io, keyboard, controller... do we get an extra sense of security and safety from this chipset? Could we have done this with the technologies we have already - existing technologies without overriding our rights. Microsoft believes that hardware attacks on secure computerss are not a threat - "most users won't."

Cory: Microsoft is trying to lock people out of the kind of innovation that made the company. Good news: Napster built a huge library, and the copyright law was used to burn that library to the ground... but it sprung up again! But the bad news is not that there are folks engaged in ongoing attempts to burn down the library, i.e. MPAA, RIAA, etc. The blame is not with them.... we have to blame ourselves. There were 57 million Napster users when Napster went dark. This is more than voted in the presidential election (50 million). The problem here isn't that we built a library or the recording industry is losing money. The problem is that copyright's objective is to build libraries, and its tactic is to compensate artists... Napster had no provision for that. Incentives are important, so we should compensate those who create.

Entertainment industry has traditionally tried to change copyright. We did it with piano roll... radio... vcr. We need to resolve by figuring out how to compensate artists... and the questions around this are not answered by DRM. The question DRM answers is how do we burn the library down for good. Instead of trying to keep the libraries viable, how do we accommodate the property rights of the entertainment companies, is the question they're asking in DC, and it's the wrong question.

So instead of the broadcast flag, where broadcast industry gets a veto right over the design of pcs - and watermark technology, where pcs shut down when watermark is detected, we should be building libraries.

The answer is to not run like roaches when they turn the lights on. When we hear about this piracy, ask why should we burn the libaries down. The thing is to open the debate about how to compensate artists.

Q&A Cory: buying a PC doesn't make you opposed to file sharing, but supporting DRM makes you supportive of burning down the library. Evidence that people who do file sharing buy cds. How will debate change when next version of office comes out and it actually empowers users to enforce their own digital rights. Cory: don't think it'll shift geek sensibilities. Dan: question is more about mainstream than geeks. Joe: people will at first be excited about it, then they will realize that the less they make themselves connected, the less valuable their stuff becomes. People may learn that the value is there, in the connections, and not so much in their work. But in short term people will hoard more.

Wendy: problems with this technology. First, when it fails (can't print a file for a presentation you need)... then when it works (can't share a file with colleagues).

Cory: the three whistle blowers on the cover of Time Magazine this year would not have been able to forward the files as they did.

Bunny: Recording industry is part of an overhead the Internet can make extinct. We need micropayments. You can't pay ten cents to an artist... overhead of server farm, secure encryptions, etc.

Cory: go to people in organization - MPAA Technical Working Group - tell them that the broadcast flag is wrong. Ask them to stop.

At the end of the day, copyright law is broken for this. Contractual negotiations are complex. Hollywood is capable of having the law changed in its favor. To the extent that entertainment industry can lobby to get DMCA enacted...

Greg Elin: a lazy web idea: a payment system done with your individual blogroll.
***************************
Additional REFS:
http://www.eff.org/IP/DRM/
http://www.eff.org/IP/DRM/fair_use_and_drm.html
http://www.eff.org/IP/SSSCA_CBDTPA/20020322_eff_aol-intel_critique.html
http://www.eff.org/bayff/20020212_bayff_announce.html
http://www.digitalconsumer.org

 

Re:Consider Yourself Enlightened

 

Consider Yourself Enlightened--Redux

Since this thread morphed into hysteria about the DMCA, --which, incidentally, has been law for over 4 years--it might also be useful to know that the most current legislation being proposed is a *relaxation* on that law.

Of course, stuff like that doesn't get mentioned much amid the "furor".

Don't believe me? Google a search on Rick Boucher and Zoe Lofgren's pending legislation regarding DRM/DMCA, or the BALANCE act.