
There's No DRM in JPEG – Let's Keep It That Way - DiabloD3
https://www.eff.org/deeplinks/2015/10/theres-no-drm-jpeg-lets-keep-it-way
======
Pxtl
To be fair, ask webcomics guys and photographers about piracy - they get the
worst of it. Big companies that would never dream of encouraging you to pirate
videos and songs functionally encourage you to swap images around constantly,
stripped and re-watermarked and whatnot.

So yes, I do feel a bit bad for small independant artists who watch the
standards bodies work themselves into a fury to protect video and audio
content while they have to deal with Google Image Search and 9gag.

~~~
MichaelGG
Protecting a single image is far more difficult. Video and audio are
"protectable" to the extent they are because there is a really low expectation
of how they have to work. Start playback, stop playback - that's about it. No
one expects to pre-render, use video as a buffer for other things, etc. You
can realistically render video direct to the screen via hardware, in a
protected path.

Doing the same for still images adds a ton of work for little payoff. And it
still doesn't prevent anything. At least in video if the system remains
uncracked, it's hard to make a copy. You can't just point a video camera at a
screen and get good results.

Whereas for a still image? Pretty easy to reconstruct the exact pixels, 100%.

Anyways, this is doomed entirely. They provide the case of social media sites
stripping off metadata. Well guess what, if your DRM is gonna prevent them
from modifying the image, it's gonna prevent them from loading the image in
the first place. Even if the JPEG folks add it, it has zero chance of going
anywhere. You'd need support from the hardware, OS, and on up. (Like video
has.)

~~~
makira
A video is just a succession of images. An image is a video with only one
frame. You could use the exact same system that protects videos to protect an
image, by making a video with one frame of very long (infinite) duration.

~~~
zapt02
Which was incidentally a technique used by early blu-ray rippers. (Making a
screenshot of each frame.)

------
bytesandbots
DRM is protection of content from the consumer itself. The consumer is going
to consume the data through an analogue channel. This channel will always be
the source of extracting redistributable content. The very premise of DRM
rules out any 100%-solution and sets it as obfuscation.

I feel it might be stupid idea but it is not impractical.

The effort of extracting content should be less than the maximum value that
can be generated by redistribution. Thus, returns from piracy diminishes as
you go from softwares to video to image to text. The effort of extracting an
image is too easy via analogue hole. This is assuming an open technology
ecosystem not exactly the RMS world but at least Linus or perhaps Mozilla. The
enforcers of the DRM do the sensible thing of spreading their proprietary
black boxes to as much people, until, they can shut down their doors to the
rest of community. That is precisely when certain open source foundations too
had to back down. That is how you can enjoy netflix only within your chrome
browser.

What bothers me is why are they trying to make it into the standards. If it is
built into the standards, it will be built into the downloaders as well.
Remember what happened with HLS AES encryption, it is now built into the video
downloaders itself. While I understand benefits of standardization, how it has
given shape to tech, it might not be true with something so un-technical as
DRM. If you do want obfuscation, at least do not make it standard procedure.
You know very well that the strongest DRM can not be technically secure.

~~~
TeMPOraL
> _The very premise of DRM rules out any 100%-solution and sets it as
> obfuscation._

> _I feel it might be stupid idea but it is not impractical._

They are willing to fuck everything up to extract more royalties. Don't worry
that you can't have a 100%-solution DRM now. When we get to the level of
advanced optical implants or even brainchips, I'm willing to bet MAFIAA will
be one of the biggest investors, in order to sneak in a DRM processor directly
into your head and then force you to consume content only through legal and
paid-for MAFIAA-certified brain chips.

~~~
GhotiFish
That's increadibly cynical, but if cybernetics ever become a thing, I think
it's painfully obvious what will happen.

Humanity is going to learn some very hard lessons if that class of
technologies ever pans out.

~~~
TeMPOraL
I wish I could attribute it to just my cynicism. I'm not saying they will
succeed, but I have no doubts they'll try very hard, like they do now with
every single piece of technology. There are millions of marketers and
executives whose only job is trying to figure out how to squeeze money out of
something, burning any value in the process if necessary. I've worked with the
types, they have a particular way of thinking that makes you blind to the fact
you're fucking your customers - or the society - over. A kind of reverse
reality distortion bubble, in which you believe the victims of your ideas are
actually happy about them.

------
endgame
I'm so glad I grew up in an era where people's only concern was making things
work AT ALL. Trying to make things work for licensed users only, or only for
certain devices, or anything else is just bullshit.

~~~
sliverstorm
A different way of looking at this is, we figured out how to make things work
at all. Now people are trying to figure out how to get paid for the work they
do on those cool new things.

Struggling to make sure you get paid is nothing new, either.

~~~
TeMPOraL
It's not struggling to make sure you get paid that's the problem - it's people
fighting to get paid _more_ , and people who starts expecting to get paid for
things they weren't being paid before. Both of those problems, reluctance to
accept that not everything you do will bring in monetary compensation, are
greed that drives invention of things like DRM.

The only worse thing is people who notice something is cool and decide to come
in and monetize it.

~~~
chii
The choice I see they have is either stop doing it anymore, or enforce
payment. Continuing to do it with out pay, whether they were originally paid
or not is no longer viable.

~~~
TeMPOraL
I see they have a choice to not be greedy and bitch about lost sales. This
actually earns respect from the consumers. You have to accept that you're not
going to capture all the value you're creating.

EDIT: also, happy 2^11-day :).

~~~
derefr
You presume this "not being greedy" won't mean their going out of business.
Look at newspaper journalism for an example of free redistribution of
copyrighted content literally killing an industry's worth of companies.

~~~
redblacktree
Yet we still have newspapers, online and in print.

~~~
TeMPOraL
Yeah, and at this point it wouldn't hurt if they all just died - they provide
negative utility to society by oscillating between mostly writing lies and
clickbait bullshit.

(INB4 you reflexively downvote me for saying bad things about Respectable
Newspapers, take a moment to think about the last time they wrote something in
your area of expertise and note how big a mix of lies, bullshit and
misunderstanding the article was. There is no reason to assume that
_everything else_ they cover is true.)

Journalism has a _much_ bigger problem than just their business model being
ruined by digitization. They need to figure out a business model that
incentivizes actual, honest reporting.

------
scotty79
If we could get rid of copyright there'd be much less resistance toward
embedding information about who created the work.

I'd very much like that we could abolish fines for copying but keep fines for
stripping author signature from work, or not propagating original author
signature to works that are derived.

This way you could have a trail to reach actual author of the part of work
that you find awesome to commission some new work from him.

This could be much more valuable for way more people than current copyright
schemes that only seem to benefit fatcats.

~~~
graeme
I write books. I publish the contents for free online, too.

But I still want copyright. If there were none, someone else could take my
work, attribute it, put it on some SEO'd site and outrank me.

What recourse would I have? Very few people are going to find the original
source, search it, get past the SEO and find my site.

And zero readers have commissioned a work. I make money, but not that way.

Trust me, copyright isn't just for fatcats. Though I suspect it's mostly
fatcats who propose unreasonable applications of copyright.

~~~
deciplex
The problem is you're right, but you're not in good company.

I want copyright too, and for pretty much the same reasons as you. But right
now supporting "copyright" means you're taking the same side as assholes who
insists on a term of 70 years after the death of the author, or more. Some
people even at HN think copyright ought to have infinite duration. It means
you're on the same side as those who want to send people to prison or put them
in the poorhouse for putting a video on Youtube. The same side as jerks who
want to deploy bots all across the web to indiscriminately take down content
whether it infringes or not, and who wheel and deal with distribution channels
when the draconian laws they bribe governments to pass aren't enough.
Seriously, _fuck these people_.

The political climate in much of the world eschews nuance on basically any
issue you can name, and copyright is no exception. I want reasonable copyright
terms of ten to twenty years from publication and to wipe my ass with the
DMCA. If I can't have that, and if the choice is between copyright maximalists
and those who would abolish copyright completely, I'll support shit-canning
the idea altogether. It might not be the most fiscally or culturally sound
solution, but it at least shows a basic understanding of how human culture
even works, which I can't say for the maximalists.

~~~
graeme
You're throwing the baby out with the bathwater. This comment in another part
of the thread put it well. Do you have a response to the argument below?

"If that happens, the web as we know it would cease to exist. Without a legal
recourse to stop plagiarism and stolen content, people who are actually
creating new content stop completely and move into other areas of work.
Websites that produce original and unique content close up shop. Instead
you're left with a bunch of low-quality rip off sites that have nothing
original of their own. Then it the entire web stagnates over the years as very
few new things get added to the net as a whole. And that's just the effect on
the internet, that doesn't take into account real world publishing.

I wish people would consider all of the consequences of these things before
making statements like that. I haven't even begun to consider the consequences
of eliminating copyright completely and just from what I can come up with off
the top of my head makes it a non-starter."

[https://news.ycombinator.com/item?id=10384178](https://news.ycombinator.com/item?id=10384178)

~~~
TeMPOraL
IMO it's a very bad argument - it assumed most, or best, content is created in
order to make money, whereas I believe that the best content is created by
people who feel they have something to share, for the purpose of just it being
out.

It's strange how as a culture we started to believe creating is just an
instrument to make money. Adults are insane; they lose understanding they had
as kids, that creating something and/or solving a problem can, and should be,
a terminal value in itself.

~~~
chii
It's a fantasy that there's any large amount of content that will be
altruistically produced. Must content people enjoy are the popular, highly
commercialised kind. You mightn't like it, but it's the reality. Taking money
for content is a validation that the content is valuable.

~~~
scotty79
Have you seen github?

~~~
throwawaykf05
Github (and indeed most open source) projects are not created out of a sense
of altruism. How many people treat github as an online resume? These projects
are meant primarily to show off people's coding capabilities in order to sell
services, and are not the primary means of making money. These people get a
full-time salary writing custom code for businesses.

This approach does not apply to most artists. Nobody is going to pay an author
a full-time salary to write new books just for them, or a musician to make new
music just for them. The better option for most artists is to invest in
creating the best work they can and sell it for commodity prices to a lot of
people.

~~~
TeMPOraL
> _How many people treat github as an online resume? These projects are meant
> primarily to show off people 's coding capabilities in order to sell
> service_

That's what it is now, and the reason it happened was because Github was full
of projects created out of a sense of altruism and fun, and it got respected
this way. Yes, the respect and popularity Github has stems not from code-
resume-builders, but from the altruists and people doing fun shit for fun that
came before.

You see, this is a pattern that repeats all over software industry, the whole
Internet included. First you start with people doing something to actually do
it (i.e. as a terminal goal). Then whatever useful and/or fun they made gets
recognized, popularized, and some people smell a money making opportunity
(i.e. doing stuff as an instrumental goal, to get money). The business comes
and the whole environment turns to shit.

------
anon4
This seems like a technical solution to what's a political problem. Those
don't usually work out as one would like, or worse, get enshrined in some
standard that doesn't solve anything and which makes things worse for the few
people that have supporting programs.

~~~
tinalumfoil
JPEG DRM is not a political problem. It's more of a copyright problem
although, more accurately, it's a digital content management problem, because
content doesn't have to be copyrighted to use DRM. For something to be
political it can't just be related to government (because everything is
related to government in some way), or even managed by government. For that
word to have any meaning at all, it needs to be a more direct reference to
government and politics.

And technical solutions to actual political problems have worked great. The
recent revamping of government websites has made information more accessible
to the public than ever. I can't imagine Obamacare holding much value if it
wasn't possible to make healthcare.gov so people could actually navigate
through the complexities.

~~~
idlewords
Political problems are any that involve issues of power and control. The issue
of who gets to decide what you view on a computer is an eminently political
one.

------
impostervt
One of my side projects is a photo water marking SaaS. I was surprised when
people actually started paying for it years ago, as I figured, "there's a ton
of watermarking apps out there". But it turns out there's a lot of demand from
amateur and semi-pro photographers who believe, rightly or wrongly, that
they're being ripped off (and want a simple way to watermark their photos).
For pros, There are other services out there that actively scan the internet
looking for infringers and send DMCA takedown, or similar, notices. These
services are generally two pricey for the type of customers my side-project
has.

I guess my point is - there is a pretty big demand to protect images online. I
suspect DRM will end up being implement in some form or another.

~~~
TeMPOraL
Yeah, some amateur photograhers are silly like that (source: I know a few),
they behave like little children - shoot some photos, put a big watermark on
them to both show pride and make sure nobody "rips them off", and then get
mightly annoyed anyway when somebody reposts their photo on Facebook without
linking back, because they thought it was cool. Only few later realize that
nobody really cares who made a photo (unless they're known to make more
quality photos) - a work created has social value on its own, and holding it
to yourself _only_ because you're an author is actually little antisocial
(also, if you don't fight, people tend to appreciate the work as a gift and
will often happily attribute it to you themselves; but I digress).

------
Nadya
Would this stop me from screenshotting the image, saving it as a .png, and
distributing that?

Because I and many people would do just that. Sure, the DRM might work for my
grandparents and a few other non-techies but over time I can teach my
grandparents how to screenshot an image and others would catch on. People
would even make chrome apps to "click a picture and resave it in a shareable
format".

I'm not sure what this DRM would solve, if anything, other than pissing off
users and giving photographers and other digital-sharing artists a false sense
of security.

~~~
murbard2
Ah, but the JPEG displayer would only run on a Trusted system, whose
screenshot function honors DRM. You could try to snap a picture of your screen
with your digital camera, but the camera manufacturer also embedded DRM inside
the camera.

I'm not convinced he analogue hole won't ever be plugged.

~~~
lfam
> I'm not convinced he analogue hole won't ever be plugged.

The analogue holes for visual media are the two holes in your skull where your
eyeballs sit. The analogue hole won't be plugged until you can implement a
secure path into the human brain.

~~~
TeMPOraL
"Until" being the operative word here. Electronic implants are an active area
of development, and it's only a matter of time before media companies see them
as a way to further advance DRM protections.

------
EvanAnderson
How long until this is used to lock down the independent "publishing" of
images? This seems like a great foundation upon which to build software
ecosystems that discourage user-generated content w/o the imprimatur of an
authorized publisher attached.

~~~
walterbell
Especially when combined with new copyright/DRM laws from TPP/TTIP/TISA,
[https://news.ycombinator.com/item?id=10363500](https://news.ycombinator.com/item?id=10363500)

------
atom_enger
Couldn't we just stop using JPEG? I realize this is a can of worms, but it's
an option, right?

~~~
vvpan
But why? It seems to be a decent format. And what's the other option?

~~~
pmalynin
PNG and WebP

~~~
scrollaway
FLIF is very promising too: [http://flif.info/](http://flif.info/)

~~~
dyladan
FLIF is not really a format so much as an experiment. There isn't a spec that
I can find, nor is there any sort of formal description of the format. Right
now, the only available spec is the source code and that leaves a lot of open-
ended questions about what to do about inconsistencies in implementations. I
hope it develops into something good, but for now it doesn't seem a viable
option.

------
Spivak
Wouldn't this DRM require every implementation of the JPEG standard to honor
the DRM or am I missing something?

~~~
TD-Linux
Yes it would - but that's how all DRM systems work, plus an attempt to make
the image unreadable to "unauthorized" JPEG implementations.

~~~
bediger4000
How, if some Future JPEG (FJPEG) is a standard, does one make a standard FJPEG
image unreadable to unauthorized FJPEG implementations? Either the standard
itself has to be kept secret or the FJPEG implementation has to contain some
secret, right?

If the standard is kept secret, by maybe charging a tidy sum for it, and
getting all buyers to sign an NDA in blood, we'll all have fewer
implementations of FJPEG viewers. There would probably be no "open source"
implementations of FJPEG. We would all loose, as the market for FJPEG viewers
has barriers to entry, and therefore would serve buyers poorly. That's
standard, Free Market economics.

If FJPEG viewers have to contain some secret (an algorithm or a key both come
to mind as things that have happened in the past) the same sorts of things
happen - barriers to entry to sell in the market, higher costs, fewer options
to consumers.

Of course the 3rd option is to legally mandate some kind of overall DRM at the
operating system level, which would have much the same effects, except that
we'd have a narrow choice of Windows or Mac OS, with maybe a larger choice of
FJPEG viewers.

All of these options should be repugnant to Free Market believers such as
myself. I predict the Republican Congress will laugh this out the door.

~~~
airza
Just like they did with the DMCA, right?

~~~
bediger4000
I'm sorry, but could you elaborate on this? I'm not understanding the
connection with DMCA.

------
LoSboccacc
Isn't this problem better solved by watermarking anyway? People want their
work distribute publicly but want attribution to attract users. Buyers need a
redistributable license most probably as they are interested in the media most
probably as part of some communication effort.

Drm is not going to help after buyer redistribute the purchased work in any
way, especially if there is a medium conversion involved - i.e. printed issue.

~~~
TeMPOraL
Watermarking is either too easy to cut out or damages the image. I can
understand the reason they want to look for other solutions, for the same
reason I would pay for a tool that reliably cleared watermarks out of pictures
- not because I want to steal content, but because I want to consume it in
high quality.

------
angersock
More attempted fencing off of the commons. Yay.

------
throwaway2048
countdown until mozilla folds like wet cardboard

~~~
bytesandbots
like it did for Adobe Primetime CDM

------
togusa
WebP anyone?

