

How do you DRM a thing like a coffee pod? - OWaz
http://arstechnica.com/tech-policy/2014/03/how-do-you-drm-a-thing-like-a-coffee-pod/

======
evv
Adding a basic DRM to coffee pods would be trivial for Keurig to implement.
There is no need for RFID on each pod. That would be a waste of money in my
opinion.

They can simply print a unique QR code on the bottom of each pod, and the
Keurig machine could read it with a cheap webcam. The content of the data
would be an encrypted message, signed with Keurig's secret key. They sign one
unique message for each pod. The machine can remember all the messages it has
seen, and refuse to brew any duplicates.

Granted, this isn't impossible to circumvent. The secret key could get leaked,
but at least thats a known vulnerability. There is one more obvious weakness:
every code can be used once on each machine, and not just the one that brewed
the authentic code. IE, if a counterfeit outfit buys one thousand real pods,
they could then distribute up to 1k pods to each customer which would act as
authentic. Fortunately, this is a pain that will probably slow the production
of fake pods and persuade customers to buy authentic ones.

This is the only sort of DRM that I would actually be OK with in this
instance. It's not really a waste of money, and if the DRM-reading system
works reliably, it has no negative impact on the user experience.

~~~
_quasimodo
As far as i understood there weren't any "fake" pods, the third-party pods
where properly labeled. Also, some might consider it a negative impact on the
user experience if they cannot use third-party pods any longer, or if the
original pods get twice as expensive.

------
frankus
My spidey sense tells me that this isn't "DRM". In other words, it's "rights
management", but it's not digital. If you follow the link chain back to the
original report, it just says that the new machine "won't work with unlicensed
pods."

All that would be required is a patented physical feature that can't easily be
worked around. After all, they probably don't care about someone 3D printing a
compatible reusable pod at home. Rather, they want a cut of any mass-market
pods that work with their machine.

Apple, for instance, has effectively prevented anyone from making MagSafe-
compatible chargers without using any sort of DRM. They simply threaten to sue
anyone who makes a compatible charger for patent infringement. I don't see why
this would be different.

~~~
kenrikm
There are a lot of ways they could do it without using chips. For example they
could use a type of of patented ink that reflects under a certain under a
certain wavelength, some type of barcode, symbol, patented cup etc.

However, I think they are going about this all wrong, their not going to stop
people making similar cups and will just create negative impressions with
consumers - first time a valid Keurig cup that a customer purchased fails the
test and you'll have a very angry customer.

~~~
valleyer
> However, I think they are going about this all wrong, their not going to
> stop people making similar cups and will just create negative impressions
> with consumers - first time a valid Keurig cup that a customer purchased
> fails the test and you'll have a very angry customer.

I hear this argument a lot, but I just don't buy it. If anything, the customer
will be upset with the manufacturer of the coffee cup. But as is, all of
Keurig's cups are clearly marked, and I suspect that the vast majority of
customers will just continue to buy those (and therefore be totally unaffected
by this change).

~~~
kenrikm
My point was actually that Keurig's own cups might fail validation 0.x% of the
time causing angry customers.

------
mehrdada
In a way, it's good that things like this happen. Makes it much easier to
convince gullible laypeople that the Imaginary Property laws they are
brainwashed to believe to be universally good for the society are, in fact,
directly contradictory to the actual tangible property and ownership laws and
common sense, bearing more hope for the DMCA anti-circumvention clause to
eventually get overturned.

Sigh... I am being too optimistic... I know.

------
joeld42
Wow.. next thing you know some pirate will introduce an espresso machine where
you can "refill" the pod with bulk ground coffee. (sarcasm)

~~~
lostlogin
Or maybe a DRM chair to sit on while you drink your DRM coffee.
[http://hackaday.com/2013/03/04/drm-chair-only-
works-8-times/](http://hackaday.com/2013/03/04/drm-chair-only-works-8-times/)

------
sadris
Now that their patent expired they want to have DRM, luckily for the world
people can just manufacture their current gen device and sell it for the
current gen cups.

------
shmerl
Bad coffee with DRM isn't any better than just bad coffee. Just stay away from
Keurig.

------
kabdib
Incorporate encrypted brewing instructions (e.g., number of seconds to inject
water) on the container. Circumventing these becomes a copy protection issue,
subject to the DMCA and so forth. It's functional, and getting it wrong means
mucking up the coffee.

~~~
nwh
That'd be easy, just rip the RFID tag from a legit cap and stick it on the
fake one. Circumvention without any interaction by the manufacturer of the
second party capsules. People have been doing that sort of thing on printer
cartridges as long as I can remember.

~~~
kbaker
No, the machine could store and reject the capsule ids that have been used to
prevent this. And maybe write a 'used' bit into the tag memory to prevent its
use on other machines.

~~~
yardie
Anytime you set a ROM to allow writes you are opening yourself to
circumvention. If they can write to record used capsule IDs someone else can
rewrite with 0s. If you can write a bit to make the capsule expired or used
someone else can rewrite the bit back to full.

Repeatedly, the market has spoken and no one wants DRM if it doesn't provide a
superior product. iTunes Fairplay is dead, replaced with iTunes Plus.

------
bigd
This is so sad. Really? I know there's market for the non original coffee, but
Is already non-trivial to find a decent taste, that is compatible and is
cheaper than the original. Do they really need this stuff?? How much is going
to cost? Because, honestly, sooner or later brewing it will become convenient
again.

TLDR: Buying nespresso feels like buying cigarettes, isn't that enough?

~~~
Zigurd
At $0.75 per pod vs. $0.15 = $0.25 per shot of espresso you would pay down the
roughly $400 difference between a Nepresso machine and a proper Rancilio
Silvia in about 800 uses. Maybe a year elapsed time if you drink 2-3 cups per
day. And the espresso machine will make a much better drink and probably last
much longer.

Pod machines are the "razor blade" and "printer ink" model taken to coffee.
Yes you are being exploited.

If you try to cheap out with the espresso machine, I'd say go for pods.
"Consumer-grade espresso machine" is worst of all possible worlds.

~~~
gcb0
There's no cheaping out.

Either you pay upfront, or you get dimmed with ink jet coffee (pun intended)
until it's way more expensive.

~~~
lazylizard
er, really curious.. would a moka pot be considered a viable alternative?
[http://en.wikipedia.org/wiki/Moka_pot](http://en.wikipedia.org/wiki/Moka_pot)

~~~
bliker
It is very viable alternative! Contrary to sibling I think difference between
Moka vs Espresso and Pods vs Espresso is about the same. And I suppose the
marginal gain from buying expensive espresso over moka would not be that big
for you.

But moka is: cheap, easy to clean, lasts forever, takes virtually no space and
about as fast as my kettle.

------
tonymillion
Doesn't Tassimo already do this with their TDiscs?

[https://www.tassimo.co.uk/Help/TASSIMOTips/KnowAboutTDiscs/U...](https://www.tassimo.co.uk/Help/TASSIMOTips/KnowAboutTDiscs/Use)

------
colechristensen
Print an 'illegal number' on the top in the form of a barcode and include a
scanner in every machine, copywriting the number and taking legal action
against anyone who uses it without license. It's trivial to break on your own
but very difficult for a proper business to break legally.

~~~
colmmacc
Another option would be to put a 5mm embossed "K" on the bottom of the
container, and call it a trademark, or trade-dress. Then make the receptacle
require that exact "K" as a physical lock.

~~~
duskwuff
That would almost certainly not be upheld in court - Sega v. Accolade found
that the use of a trademark as part of a security system cannot be prosecuted
as trademark infringement.

[http://en.wikipedia.org/wiki/Sega_v._Accolade](http://en.wikipedia.org/wiki/Sega_v._Accolade)

Capsule summary: Sega's Trademark Security System, which was present in some
versions of the Sega Genesis game system, would check for the string "SEGA" at
a particular location in the ROM. When it found this string, it would display
the text "PRODUCED BY OR UNDER LICENSE FROM SEGA ENTERPRISES LTD." on screen;
if it did not find this string, the game would not boot. Accolade reproduced
this to make their unlicensed games work; Sega sued them for a variety of
things, including trademark infringement, and lost.

~~~
OWaz
Thanks for sharing that. I was never aware of Sega v Accolade and the impact
it had on reverse engineering under fair use.

~~~
gcb0
Remember that a precedence is not law. More importantly, sega did not have the
bribe money nestle et al have today.

~~~
dfc
Remember that the term is precedent and not precedence. Witty replies work
better when you use the correct term.

------
otikik
The most cost-effective way to stop consumers from loading alternative pods on
their machines is to stop selling the machines machines altogether. In the
long run it will have the same effect.

