Don't Buy The Open Source DRM Hype

from the useless dept

Back in 2005, we wrote about Sun's doomed plans to offer an "open source DRM" solution. Not surprisingly, that went nowhere fast. Last year, Tim Lee took apart the claims of "Marlin," a supposedly new "open source DRM" solution. As Tim noted, open source and DRM are a contradiction in terms. So, it's not clear why last week some were celebrating the latest version of Marlin. As some pointed out, just because it's open source, doesn't mean that it should be "blessed" by the tech crowd. DRM is about destroying options for what you can do with bits. Open source is about multiplying the options. To mix them together makes no sense.

Filed Under: drm, marlin, open source

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. identicon
    Aiwanei, 30 Oct 2008 @ 6:56pm


    actually DRM is about restricting the use of files that you have obtained either for money or for free. Open Source is about the idea of sharing source code so projects can be designed better, bugs can be found easier and a plethora of other things. Your analogy is just deeply flawed.

    reply to this | link to this | view in thread ]

  2. identicon
    some old guy, 30 Oct 2008 @ 7:01pm

    Re: Nooo..

    I think you will find that 100% of the open source community disagrees with you there, Awanei.

    reply to this | link to this | view in thread ]

  3. identicon
    Shaun Wilson, 30 Oct 2008 @ 8:03pm

    Re: Re: Nooo..

    The problem here is the definition of open source - I think we have to note Richard Stallman's objections here.

    "Free Software" is about freedom for both users and developers, with the necessity of it also being "Open Source" to comply with that definition.

    "Open Source" on it's own is more as Aiwanei stated being about "sharing source code so projects can be designed better..". Granted most "Open Source" software is "Free Software" leading therefore to most of the "Open Source" community to also be part of the "Free Software" community but there are exceptions.

    Microsoft, for example, is starting to enter the "Open Source" community (quite possibly for their famous Embrace, Extend, Extinguish approach) but it is doubtful that they would ever produce "Free Software" or be part of that community without a major shift in direction.

    reply to this | link to this | view in thread ]

  4. identicon
    Stephen, 30 Oct 2008 @ 8:27pm

    DRM is going to die, be it if the companies producing the product have to pay for the software to manage the licenses, be it if the said companies get the DRM management software for free and continue to develop it in-house, or if said companies have to PAY the end user to use the service. When my machine dies due to reload/hard drive failure/upgrade, and after the song/movie/game/whatever dies, why did I put my money into whatever it was I `rented`?

    Piracy is rampant. I get it. I also know companies want to protect their product. I'm a software author and I am very fortunate that in a very niche market so the general public is not going to get my software, or have any real interest in my software. Yes, I DO have a type of PROTECTION in the software that at least informs me of how many times the software has been installed, just like Microsoft has with their Certificate of Authenticity. I allow the company to install the software on *WHATEVER* computer they want to. I understand upgrades. I understand hard drive failures. I understand viruses. I understand bad ram nuking the OS requiring a reload because of registry corruption. DRM doesn't understand ANY of that *ESPECIALLY* when their servers go offline. Hell, I look forward to when Microsoft starts not-validating XP as I've pretty much decided to never purchase Vista or Windows 7. Can't wait for that fireworks display.

    Commercial DRM, open source DRM, pay-the-user DRM... DRM is a losing fight. It doesn't make sense. You cannot trust DRM other than you know the server you purchased it from will go down one day.

    reply to this | link to this | view in thread ]

  5. identicon
    Anonymous Coward, 30 Oct 2008 @ 10:09pm

    DRM Digital RENTAL Media

    Not 1 cent!

    reply to this | link to this | view in thread ]

  6. identicon
    d0n0vAn, 31 Oct 2008 @ 4:05am

    Re: when Microsoft starts not-validating XP

    Stephen, great comments. I do a lot of experimenting with my desktop at home. I ran XP for years and years while installing versions of BSD and Linux. Needless to say, I have wiped quite a few drives. I guess I've done this enough times that Microsoft will no longer validate my copy of XP Pro. At first I was unhappy, but then I realized that they did me a favor. I've also decided that I don't need Vista or Windows 7.

    reply to this | link to this | view in thread ]

  7. icon
    PaulT (profile), 31 Oct 2008 @ 4:25am

    Now that DRM is starting to be rejected by the music industry, hopefully this won't matter anyway and other industries will follow suit.

    However, one of the big, unspoken problems about DRM is that is reinforces existing monopolies. Just as you still can't play DVDs and MP3s out of the box on a Red Hat install thanks to patent worries, so Linux in general will have problems breaking into the desktop market while a rival OS maker can lock down the content to its own products. I've heard many people complain that Linux "sucks" because game DRM stops WINE from being able to run the thing or because they can't play their iTunes DRM crap. While everything about Linux is improving at an incredible rate - everything from software installation to hardware support - this is going to be one sticking point that will be impossible to overcome while a competitor holds all the keys.

    While I despise DRM, this is why I think that Marlin is an important project. While, in many ways, open source and DRM are incompatible concepts, there can only be positives to having a DRM that's not tied to the platforms that one company deems fit. A DRM that can actually work on any platform, be it Linux, BSD, Windows, an old Amiga that someone found in a cupboard, whatever, would bee great. It could remove both the built-in obsolescence of DRM as well as the muscle it gives to maintaining monopolies.

    DRM is the devil's work of course, and the sooner we're rid of it completely the better. Like it or not, Marlin is one backup plan that we need to have in case the idiots in charge of the content don't accept the fact that locking it down is a very bad thing for them and for us.

    reply to this | link to this | view in thread ]

  8. identicon
    Jan, 31 Oct 2008 @ 4:59am

    Why contradictory?

    Why would open source and DRM be a contradiction in terms? Yes, I also hope that DRM is going to die out... but this has nothing to do with open/closed source dichotomy. Open source is about open _source_ and not about open content.

    We can also have open source encryption tools and it is not at all contradictory with having closed emails and stuff that we encrypt with those tools.

    Open source is (and I think it should be) just about source and nothing else - BTW that's why I don't like GPLv3 because I think that it's not reasonable to 'give' someone your code and expect them to 'give' you code AND access to hardware or content or anything else.

    reply to this | link to this | view in thread ]

  9. identicon
    Chris B, 31 Oct 2008 @ 6:57am

    Open Source DRM, Why Bother?

    We see how fast closed source DRM is cracked. If DRM is open sourced, wouldn't it be that much faster and easier to crack? So what's the point of DRM again?

    reply to this | link to this | view in thread ]

  10. identicon
    Ima Fish, 31 Oct 2008 @ 7:01am

    I simply do not understand the point of open source DRM. First, because it is open source, the content industry will never trust it and will never adopt it. Second, even if it is widely adopted, it still screws over consumers and will be rejected in the market place.

    reply to this | link to this | view in thread ]

  11. identicon
    Mike M, 31 Oct 2008 @ 11:26am

    Open Source DRM

    The original article and some of the comments are just way out there. The fact of the matter is that there are several open source technologies used everyday by all sizes of business to control content; DRM is no different.

    Just because the DRM stack is open source doesn't mean that the DRM will be more easily crackable (take a look at OpenSSL for a good comparison).

    Open source is a far too often used term that people apply to a movement, a method of software release, community sourced projects and so on and so on. I think you'll find that many members of many open source communities still protect their data (sometimes, gasp!, with open source operating systems).

    Open source is about providing the source of your software allowing others to benefit from the lessons it can teach. It's also many times about allowing others to alter the software for their own purposes. This benefits the community AND the project. Nothing in there precludes protecting the data used by open source applications.

    Now a creative commons DRM solution would be wacky, but not an open source DRM solution.

    reply to this | link to this | view in thread ]

  12. identicon
    Dan, 31 Oct 2008 @ 1:13pm

    DRM will change

    Face it. DRM is here to stay. but it will change. Imagine, if you will, instead of restricting how it is used, identification tags buried deep in the code of mp3s, tying that song to a specific person. They could freely distribute if they want, but unless they scrub the IDs, it can be traced back to a specific person as the uploader.

    Most people wouldn't bother to strip out that kind of DRM, because it doesn't adversely affect them.

    reply to this | link to this | view in thread ]

  13. identicon
    Yolo Pallino, 31 Oct 2008 @ 4:09pm

    If Sun Microsystems is pushing it then you know it is crap. All the good people left that company several years ago and in its place left that idiot CEO.

    reply to this | link to this | view in thread ]

  14. identicon
    Allen, 31 Oct 2008 @ 8:38pm

    Why open source DRM won't work

    consider this psudo code
    if (validateSoftware())
    } else

    To break the DRM all i would have to do is change it to this

    Basically it will "validate" no matter what you do, and being open source there would be nothing to stop me from substituting their code for mine.

    reply to this | link to this | view in thread ]

  15. identicon
    Mike M, 1 Nov 2008 @ 4:19am

    Open Source DRM


    You are assuming that the data is in a format that can be read (i.e. not encrypted) and if so you are correct. Any DRM system that is worth it's salt (excuse the pun) won't allow this to happen. Part of the validation, (PermitProgram) will result in a key that can be used to decrypt the managed data.

    Changing PermitProgram(), or validateSoftware() isn't going to be able to result in a key that makes the data usable any more than existing DRM solutions are crackable.

    reply to this | link to this | view in thread ]

  16. identicon
    Peter, 1 Nov 2008 @ 11:55am

    DRM Encryption

    I thought the main problem with DRM schemes (open or otherwise) is that the "secret" used to prevent you reading the data straight has to live on you device (or at least be accessible to it). Therefore, the only thing preventing you from decrypting the data and saving it in an unencrypted (non-DRM encumbered) form was a convoluted secret algorithm. If that algorithm is freely available, it should be trivial to hijack it to save plain-text versions of the data. That's why DMCA includes "don't tamper with the DRM": to stop you from doing the obvious.

    reply to this | link to this | view in thread ]

  17. identicon
    Anonymous Coward, 2 Nov 2008 @ 7:22pm

    Apple's OS10 is open source, but it's far from free.

    reply to this | link to this | view in thread ]

  18. identicon
    DanC, 3 Nov 2008 @ 6:48am


    Apple's OS10 is open source, but it's far from free.

    Incorrect. The core of Mac OS X (Darwin) is open source, and is freely available.

    reply to this | link to this | view in thread ]

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)


Add A Reply

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Shop Now: Techdirt Logo Gear
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.