Machine Shop
Digital Rights and Restrictions
Sony, Apple and especially Microsoft illustrate differing approaches to Digital Rights Management.
By Simson Garfinkel
Here is a typical problem: I have a document file that I want to
share with my coworker James. I want James to be able to read the file
and send me his thoughts and corrections, but I don't want him to be
able to print it or share it with anybody else in his office.
You might wonder why I am sending this document to James at all,
since I obviously don't trust him to behave in a responsible manner.
But perhaps I don't have a choice. Perhaps the document is a price list
that James needs to get his job done: I'm worried that James might be
thinking about taking a job with a competitor, but the data may help
him close a deal for our company today. Perhaps what I've been calling
a "document" is really a movie file and James is a critic for the Los
Angeles Times. I want him to write a review, but I don't want him to
share copies of the DVD with 10,000 of his closest friends. Perhaps my
real fear isn't James at all, but his 16-year-old son who recently
installed file-sharing software on his home computer. With all the
Trojan horses that are loose in the world, the document might get out
without James even realizing his complicity in the act.
What's needed here is a strong dose of digital restrictions
management, better known as DRM. Many people in the computer industry
think that DRM stands for digital rights management. Don't believe it.
DRM is all about imposing restrictions and limitations on computer
users and their systems so that certain activities are difficult or
virtually impossible. DRM is about restrictions, not about rights.
Microsoft's Word on DRM
There are many different kinds of DRM systems. Some are based on
strong cryptography, others lock up content so that it can be accessed
only with special readers or viewers that implement particular
restriction policies, but all are fundamentally based on the honor
system. Each of these approaches is built into the current version of
Microsoft Word, which makes Word an excellent tool for exploring DRM.
Next time you edit a document in Microsoft Word, click on the
Options menu and then on the Security tab. You'll have an option to
give your document a password to open or a password to modify. Although
these passwords sound similar, they have very different
implementations. Word turns your password to open into an encryption
key that's used to scramble the contents of your document when it is
saved. Anybody who doesn't know the password can't open the document.
This restriction is implemented by the mathematics of cryptography, not
by the Word application, so you can't get around it by trying to open
the document with another application—for example, using the TextEdit
application that's built into the Macintosh operating system.
On the other hand, the restrictions implemented by a password to
modify are implemented by the Word application itself. When you tell
Word to open a document with a modify password, Word asks you for the
password. If you don't know the password, Word gives you the option to
open the document in read-only mode. Once opened, Word remembers
whether you typed the correct password, which it uses to determine
which restrictions you need to abide by. Other programs don't implement
these restrictions. You can open a Word document saved with a password
to modify using TextEdit and modify the document to your heart's
content. And even Word isn't too circumspect about its restrictions.
You can't modify a document that's opened "read only," but you can copy
the text and paste it into a new Word document. Indeed, there is
nothing to prevent you from taking this new document and saving it
under the original's file name.
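The difference between the two passwords, as an added sketch that is not part of the original column and is not Word's actual file format: a toy container in which the password to open keys the cipher, while the password to modify is only a stored verifier that a cooperating editor chooses to check. The dict layout, the function names and the SHA-256 counter-mode keystream (a standard-library stand-in for a real cipher) are assumptions made for the illustration.

```python
import hashlib, hmac, os

def _keys(password, salt):
    # One PBKDF2 call, split into a cipher key and a MAC key.
    k = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000, dklen=64)
    return k[:32], k[32:]

def _xor_stream(key, nonce, data):
    # Toy keystream (SHA-256 in counter mode), stdlib-only stand-in for a real cipher.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + i.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

def save(text, open_pw=None, modify_pw=None):
    """Build the hypothetical on-disk record (a dict stands in for the file)."""
    doc = {"salt": os.urandom(16), "nonce": os.urandom(16), "body": text.encode()}
    if open_pw is not None:
        enc_key, mac_key = _keys(open_pw, doc["salt"])
        doc["body"] = _xor_stream(enc_key, doc["nonce"], doc["body"])
        doc["tag"] = hmac.new(mac_key, doc["body"], "sha256").digest()
    if modify_pw is not None:
        # Only a verifier is stored; the body bytes are left exactly as they were.
        doc["modify_check"] = _keys(modify_pw, doc["salt"] + b"modify")[1]
    return doc

def read_body(doc, open_pw=None):
    """What any program holding the file can recover, compliant or not."""
    if "tag" not in doc:
        return doc["body"].decode()
    enc_key, mac_key = _keys(open_pw or "", doc["salt"])
    tag = hmac.new(mac_key, doc["body"], "sha256").digest()
    if not hmac.compare_digest(tag, doc["tag"]):
        raise PermissionError("wrong password to open")
    return _xor_stream(enc_key, doc["nonce"], doc["body"]).decode()

def editor_allows_edit(doc, modify_pw=None):
    """The check a cooperating editor runs; nothing in the file forces others to."""
    if "modify_check" not in doc:
        return True
    if modify_pw is None:
        return False
    check = _keys(modify_pw, doc["salt"] + b"modify")[1]
    return hmac.compare_digest(check, doc["modify_check"])

if __name__ == "__main__":
    ro = save("price list: widget $10", modify_pw="edit-me")  # constructed sample
    print(editor_allows_edit(ro), read_body(ro))
```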
Despite these limitations, this approach of putting the security
into the document itself has advantages. You don't need to worry about
executives losing laptops or enemy hackers stealing precious documents,
since the security is in the document itself. Also, different documents
can have different policies—just give them different passwords.
Managing all of these passwords can be a real hassle. That's the
idea behind systems such as Microsoft Windows Rights Management
Services (RMS), a special breed of DRM that's designed for protecting
Microsoft documents. With RMS, each document has its own encryption
key. RMS checks each user who wants to access a document to make sure
that he is allowed to do so. If he is allowed, RMS automatically hands
a copy of the document's key to the user's copy of Word or Excel, and
the application opens the document. The whole thing is supposed to be
completely transparent to the user. Microsoft has another plug-in that
makes RMS work with HTML documents downloaded over the Web.
If It Quacks Like a Duck...
On its webpages describing RMS, Microsoft argues that its enterprise
rights management framework is different from DRM systems. DRM systems,
says Microsoft, are a "specific kind of rights management, focused on
protecting commercial content such as songs and movies." But this is
not a difference based in technology—it's one based on marketing.
Commercial DRM systems designed to restrict access to songs and movies
are controversial, and Microsoft is doing its best to differentiate its
business-targeted RMS technologies from its consumer-targeted DRM
offerings.
DRM is controversial because the technology's fundamental goal is to
restrict what consumers can and cannot do with digital content—in many
cases digital content that the consumers have legally purchased and
expect to use as they wish. Back in 1984 the Supreme Court of the
United States ruled in its famous Sony v. Universal Studios decision that it is
legal for consumers to tape movies that are broadcast over public
airwaves and watch them at a later time—a practice that's sometimes
called "time-shifting." Of course, the same technology could also be
used to copy prerecorded videotapes, a practice that's sometimes called
"piracy." Universal Studios had sued Sony, arguing that it should be
illegal to sell the Betamax Video Cassette Recorder because the device
could be used for illegal purposes. The Supreme Court disagreed.
Striking out in the courts, record labels and studios turned to
technology to make it harder for consumers to make unauthorized copies.
For example, in 1985 the movie industry introduced a system called
Macrovision, which was designed to disrupt the analog VCRs of the day
and make it impossible for them to copy prerecorded videotapes.
Macrovision is still used today, although these days modern VCRs and
DVRs automatically detect the Macrovision signal and display a warning
message stating that the content may not legally be recorded.
Rootkits and iPods
DRM got a bad name this past Christmas season when Sony, now a major
record label, snuck a DRM technology (involving a rootkit) onto several
dozen musical discs that it was selling. The discs played just fine in
a conventional CD player, but put one into a PC running the Windows
operating system and the CD would covertly install a program that was
designed to limit what the consumer could do with the disc that he had
just purchased. Unfortunately, the Sony software also damaged the PC,
rendering the computers vulnerable to attack by hackers and, in some
cases, making the computer crash. Sony suffered a huge amount of
embarrassment from the incident, was targeted by several class-action
lawsuits and was ultimately forced to recall millions of discs.
But the lesson here is not that consumers will reject DRM and that
companies should avoid it at all costs. Apple has sold hundreds of
millions of songs on its popular iTunes service, even though every one
of those songs is encoded with a DRM system that restricts songs so
they can be played only on computers belonging to the person who bought
them. One important difference between the Apple and the Sony systems
is that Apple DRM is implemented directly in iTunes and doesn't modify
the host computer's operating system. Another important difference is
that Apple doesn't try to covertly hide the program from the user, the
way Sony did.
Ultimately, though, all of these DRM systems can be defeated. You
can burn your iTunes songs to an audio CD and then play them on any
computer you want. Sony's rootkit didn't work on Macs or PCs running
the Linux operating system. Future hardware advances such as the
Trusted Computing Group's Trusted Platform Module (TPM) eventually will
make it easier to build strong DRM systems. But ultimately all of these
systems, even though based on TPM, can be defeated. Consider my friend
James: He always has the option of reading his DRM-protected document
out loud while a coconspirator types the words into a laptop. If people
can read the content, people can copy it.
Simson Garfinkel, PhD, CISSP, is at Harvard University researching computer forensics and human thought. He can be reached at machineshop@cxo.com.