Hacker News new | past | comments | ask | show | jobs | submit login

The market problem is that people want to consume expensive art. There is billions of dollars of interest in making this market clear. The market will not go away because a bunch of hackers find it unethical. As the war on drugs has demonstrated, the market interprets censorship as damage, and routes around it.

I see a lot of opposition to DRM on principle. These principles will go nowhere. The interesting question to me is whether DRM is part of an standard s.t. required permissions are visible and minimizable and the platform is open, opt-in and extensible... or whether it will take over your devices with God-knows-what secret solutions, which is the situation today. I think the W3C standard is problematic (having read it) but represents a small step in the direction that is less wrong. The third option, an imaginary free-information utopia, is directly against the economic will of the people in general.




People hate DRM because it gives the content producers too much power, and then they treat consumers like muppets: http://neosting.net/wp-content/uploads/2012/05/pirated_vs_le...

The Internet has shifted a huge amount of that power back to consumers (especially technically savvy ones), so it's understandable that something needs to change. It's also obvious that producers can't create decent content if they don't get paid, but giving them full control of the pipe will end up harming everyone (producers included).


I see people often saying to vote with your wallet and then go illegally download whatever movie, TV show, videogame or piece of software—which I find kind of funny. Why don't people vote with their time? Don't watch something, for example.

I suppose the main thing I find funny is how outrageous people become when something isn't provided which seems trivial to life. I live in Australia where it seems we are one of the nations the pirates the most. People here, and elsewhere, act as if having a TV show is a basic human right and necessity. Who cares if you can't watch a TV show? I think both sides are in the wrong. Another thing with the horse-riders yelling at some large fat cats is that they often pretend to speak for the masses; the non-hackers, -geeks, or whatever labels are necessary to delineate these two groups. They say they would buy everything if it was available in a way that jives with them and postulate that the masses will run out and buy everything.. and maybe they will, but as one of the 'computer guys' when most people ask about how to use torrents and you ask them why they want to know usually they just want to get something without paying for it. This goes back to Napster too.

This isn't so much directed at you, jobu, these thoughts just came to mind again after looking at the image you posted. I do agree with what's presented in the image in that it is a horrible user-experience.


Why don't people vote with their time? Don't watch something, for example.

I'm not quite sure you understand the idea of voting. It's about making your preference known, and it doesn't quite work when your action has no impact on anyone else.


100% Correct. The only way a boycott works is by people taking a stand, and then letting everyone know about it. Same goes for canceling subscriptions, vegetarians boycotting MC-donalds, people staying home and not voting in elections, or hunger striking in a prison.

So the alternative to pay for an movie, TV show or videogame is to organize a movement to let people know about the issue. This happens. Remember people voting down Simcity on Amazon? Remember people producing jailbreaks? Remember people picketing outside studios or shops? All those are the alternatives to buying and supporting a broken businesses model. Pressing or not pressing a download button in silence has in contrast zero impact.


I disagree. If you don't like the policies of a studio, boycott their content. This is not a new concept by any means[1][2]. If a content provider lacks an audience, it's going to hurt them financially. It doesn't matter if its paid media like a movie or ad based media like a TV show.

[1]http://betanews.com/2008/07/08/angry-youtube-users-boycott-v...

[2]https://www.google.com/search?q=movie+studio+boycott


Even better - make your own content and distribute it freely without any DRM. Surely that would be a more constructive approach - and more fun!


Well, perhaps I don't. The reasoning was similar to that of money. People have indicated that if you stop paying for things (DRM-laded goods and services, for example) the companies will notice the lack of sales and change their behaviour accordingly. Now, for not watching, perhaps if they noticed that torrents that previously had tens of thousands of people downloading only had a handful—or better yet, the different warez groups/whatever stopped their releases—the companies would notice that people are making a stand by not even watching. Popularity of TV show x would go down and what happens when TV shows aren't popular? They're killed. Also, supposedly people pirate things, come to like them, and then buy them so limiting watching also leads to making your preference known.

I think that not watching could be even more powerful than not voting with your wallet. It shows greater self-control, dedication, etc. It says "Screw you guys, we won't even watch it!" Though, as mentioned in my previous post, I doubt many people would do that as they simply want something for free nor are they so invested in the whole anti-DRM thing.

Even if I don't understand voting, I would still love to hear why the hell people are so up in arms about not being able to watch a TV show especially so when their complaint is that it's released a week later. It would be fantastic to see the pirates look at themselves and what they're doing wrong. A last thing I would like too is an answer to a question: If I create something and will only sell it for $1000 and it is not a human right/basic necessity, if I ask or tell you to not acquire it and use it without paying, would you follow what I've said or ignore it? -- you here isn't meaning you, icebraining.


>People here, and elsewhere, act as if having a TV show is a basic human right and necessity. Who cares if you can't watch a TV show?

Maybe your friendships and interests are such that you don't feel you need to. Good for you. But that's not true for everyone, and flippant solutions like "get better friends" aren't always practical or desirable.

>They say they would buy everything if it was available in a way that jives with them and postulate that the masses will run out and buy everything.. and maybe they will, but as one of the 'computer guys' when most people ask about how to use torrents and you ask them why they want to know usually they just want to get something without paying for it.

So your anecdote disagrees with other people's anecdotes. That happens. Is there any actual evidence in either direction?


> the market interprets censorship as damage, and routes around it.

You said it. DRM is close to censorship in its core idea - it's preemptive policing. The market will find routes around it.

> I see a lot of opposition to DRM on principle. These principles will go nowhere.

Not true. There is a lot of opposition in principle to the totalitarian approach (which DRM embodies). If there would be no opposition, then it will work as "they take as much as you give them". I.e. if you don't value your own freedom, they for sure won't do that for you.


It's true that people are routing around existing DRM solutions. It's not true that this represents any threat to DRM. As the Steam platform has demonstrated, if you make paying the easy solution and piracy the hard one, the target audience (viz. people willing to pay money) will choose the easy one.

The average consumer will not try to route around unfree information as long as it shows up when they click play. Policing content is not the sort of "market censorship" they care about.


As the Steam platform has demonstrated, if you make paying the easy solution and piracy the hard one, the target audience (viz. people willing to pay money) will choose the easy one.

Steam is still DRMed and can be annoying enough. Try to get Loom there to play on your Scummvm and good luck with that. I don't use Steam since I don't want to support DRMed approach. I use GOG and other DRM free distributors for gaming. If DRM isn't very obvious and disruptive it doesn't mean it's not there and it doesn't make it any more ethical than a hidden camera which you are unaware of. I'd say it's better when it's noticeable, at least you can be aware of its risks.

> Policing content is not the sort of "market censorship" they care about.

Tell them about it when their distributor will pull the plug and go out business, informing them that their DRMed content will be lost forever. I'm sure they'll appreciate the view that they shouldn't care about it in such situation.

> It's not true that this represents any threat to DRM.

You don't need to technically threaten something that's already broken. Most DRM is broken in short time. However DRM needs to be threatened on practical and legal levels. Practically by byocotting the DRMed content, and legally by repealing DMCA 1201 and similar laws created to back up DRM.


My opinion is that Steam's DRM is as ethical as it can be, and the only thing wrong about it is accepting other additional schemes like GfWL on top of it.

I will oppose other forms of DRM, like everything Sony has done, but I think companies like Valve have to be rewarded for doing something good for game studios and players alike.

I see your stance the same as I see the RMS stance on software licenses. Too extreme to be practical for all purposes.


If you want to grade what's worse, DRM or closed source software, I'd say that the first one is worse. While closed source software restricts user's freedom for modification and redistribution, DRM goes way beyond that and violates much more.

I'd say it's practical, reasonable and not extreme to be opposed to any forms of DRM. There is simply no excuse for it to exist.

Unlike Valve, other distributors (GOG/CDPR) proved that DRM free gaming distribution is practical. So I don't see Valve as a best example in the gaming industry. Music is DRM free. Digital books publishing offers more and more DRM free options. It's the video industry which lingers behind the most.


It's not totally bad, but can be better.

  * No lending your game to a friend
  * No selling.
Piracy exists not only because people don't like to pay. It also exists because of... generosity, and human nature in general. Pirates get warm fuzzy feeling when they share something.

Unlearning To Share: The Industry’s Hatred Of Generosity http://www.rockpapershotgun.com/2013/05/23/unlearning-to-sha...


Steam has a unique market position, with an extremely loyal user base.

The really interesting thought experiment I see is this: What if Steam quietly went DRM-free tomorrow? What would change? What wouldn't?


Netflix also has a big and arguably loyal user base, same goes for Xbox, PlayStation and other heavily DRMed platforms. Does it indicate that DRM approach is ethical or that simply many people are oblivious to its potential problems? As often, many ignore it until they are bitten. If that happens, people learn about DRM the hard way.

About Steam going DRM free - I'd like that, and I'd subscribe to their service if they'd do it. But they are heavily involved with DRM addicted gaming companies, and unlike GOG don't put any effort into convincing them to publish their games DRM free. GOG invests a lot of time and effort to do it. For Steam it would either mean an enormous amount of reworking their contracts, or simply cutting off a significant part of their catalog. They aren't as principled as GOG to do that.


Surely a single data point is not much, but in that case they could count me as another consumer in their extremely loyal user base.


Steam is kind of the least worst DRM, why: it has more advantages ! - Easy installation, no hassle with CD's: Check - Automatic updates: Check - Price: Sales from time to time: Check - Does it get in the way ?: Only slightly. However there are quite a few bad risks attached: - Need internet ? Yes :( - Can the block your account and screw you over ? Yes :( - What if they go bankrupt ? So all in all I don't prefer steam, but for Linux atm it brings in a few games :)


And as iTunes and Amazon Music have demonstrated, if you make paying the easy solution, having DRM is either irrelevant or a net negative.


Exactly. If your time has no value then all is free. Most people value their time, the system does not have to be perfect. People who claim there should be no copyright because the future is inevitable probably still go to the doctor.


"Copyright not existing" and "concessions to DRM not being included in standards" are wildly different things, as are "copyright not existing" and "DRM not existing".

Ten years ago, would you tell people to go to the doctor if they asserted that the music industry could and would survive selling their music without DRM?


The music industry has been selling music without DRM since recorded music was invented. I don't think there's any surprise that they survived by continuing to sell without DRM.


9 years ago Sony was panicking, realizing what they had done, and began infecting users PCs with malware in a desperate attempt to undo the "harm" they thought the CDs lack of DRM was causing them.

And of course the movie industry was surviving without DRM for some time too. Both thought that lossy analog copying was DRM enough.


Same goes for everything else. DRM came to music and went away later. Same will happen to other content.


Maybe you misunderstood. The current model will die, like everything.


DRM model will die. But such proposals like this one with putting DRM into HTML standard will only prolong its lingering and it's another serious reason to oppose them.


I'm not so sure. DRM was the only way iTunes could get the record labels to play ball and they quickly realized the potential and gave it up.


It's not correct for W3C to enforce policies that are worth billions of dollars to big companies at the average user's expense.


That's the thing, though. It's not at the average user's expense. It's only at the technological idealist's expense. The average user is in fact benefited greatly by having an open, standardized approach, because it increases the likelihood that things will Just Work™.


No, it doesn't. The EME standard as proposed makes no guarantees about the availability of a CDM on any particular browser or operating system.


Well, no standard at all makes any guarantees about the availability of something on a particular operating system. HTML as a whole makes no guarantees that a web browser will even exist for your OS.

But a standard makes it a heck of a lot more likely that someone will have written something that works on your platform.


But this standard - EME - isn't for CDMs, it's for the interface between CDMs and Javascript. So yes, your Linux-based browser might well have EME support. But if the company who makes the DRM CDM doesn't support Linux, you're out of luck.

The existence of the EME standard does not in any way increase the likelihood of DRM vendors supporting any more platforms than they do now.


It does make it easier to add support to new platforms, though. If Linux support is just a recompile with a different compiler away (supposing the browser/plugin interface is a simple C API with no GUI), it's more likely to happen.


deep, calming breath

Please, have a read of the proposal. You'll see that a browser implementing EME does not make it any easier to compile a DRM plugin on a different operating system. The proposed standard has nothing to do with that whatsoever.

All the EME spec specifies is a way to interact with the plugin using Javascript.


The point of HTML5 ECE is to tie into OS-level and hardware-level DRM facilities, so in practice it's going to be far harder to port than existing solutions.

In fact we can see this happening already. Netflix supports multiple DRM schemes, one of which is based on the draft HTML5 ECE standard and is used on ChromeOS. Apparently, both the Silverlight-based player and the Android-based player can be used to watch Netflix on ordinary desktop Linux. The ChromeOS one, on the other hand, only runs on authorised Google-provided hardware and only if you don't enable developer mode; no-one's managed to bypass this yet.


I disagree. At the moment, companies have a point of competition on their licensing agreement with customers - exactly what license they allow, and how exactly they choose to enforce it.

That there is competition (and that the market cares) is evident in the fact that iTunes have removed FairPlay DRM from music tracks.

To have an open standard for DRM removes some of this competition point: a win for big incumbents and a loss for consumers.


The enthusiasm against DRM is mostly based on principle because the technological argument is so uninteresting. "DRM is part of an standard s.t. required permissions are visible and minimizable and the platform is open, opt-in and extensible" isn't possible and this is non-controversial among anyone not in the business of trying to sell it to someone who doesn't know that.


DRM is just a math problem (encryption) coupled with a hardware problem (retaining control of the results). The industry in, say, video games has settled on an equilibrium of making it very hard but not impossible to crack the hardware. But uncrackable encryption hardware already exists, it would just be inconvenient to make it uncrackable inside an XBox.

But whether the methods of DRM are open or closed is an implementation detail. Nobody thinks that TLS being open makes it crackable. But if users and programmers know the capabilities and requirements of DRM solutions, they can sequester them from the rest of the computer.


All of the crypto in the world is worthless for a DRM system if a user can easily circumvent the system by replacing one of the components between the black-box DRM module and the hardware in order to get a perfect digital copy of the "protected" stream. This is why "content protection" systems, like the one introduced in Windows Vista, tend to be so over-reaching; they want to create a leak-proof pipe between the "protected" media and our senses.


That's a last mile problem the industry doesn't need to solve. How many people would rather hack hardware than pay money to watch TV and play video games? Of course, if it becomes cost-effective to hardware encrypt the entire stream, I don't think the lack of a W3C standard will make any difference in stopping it.


> How many people would rather hack hardware than pay money to watch TV and play video games?

It only takes one. Everyone else just uses that cracked copy.

I'm not worried about DRM working, I'm worried about it not working in a way that gets in my way as someone whose time is generally worth more than the hassle of finding movies on bittorrent.


This has an expedient solution of only making devices which are able to play DRMed media (perhaps with permissive flags), and having all authoring tools use a per-user content creator key. Then the same broadcast encryption keying that allows players to be selectively disable also allows the cracked transcoder to be disabled.

Of course, this isn't terribly compatible with general purpose computing but operating systems intended for the public have been moving away from general purpose computing for some time and tables and mobile devices are pretty close to that now.

If we go far enough down that path the makers of these handicapped devices can even get legislative help in preventing competition from more user friendly devices by outlawing their sale as was the case for macrovision.


If the DRM system is sequestered from the rest of our computers, then what I described is far from a last-mile problem. It's not a last-mile problem unless support for a "protected" playback path is baked right into the OS kernel, in a way that users would have some difficulty modifying or disabling (e.g. mandatory driver signing and Secure Boot). As long as the playback path is not secured by the kernel, there's always a way to intercept a perfect digital copy of the output in software. And the user doesn't have to know anything about user-space API hijacking, LD_PRELOAD, custom driver development, or whatever it takes, as long as there's some software they can conveniently install that does the job.

So it seems to me that the proponents of DRM would never accept a DRM system that is sequestered from the rest of the computer.


How many people would rather hack hardware than pay money to watch TV and play video games?

At least where I live, "chipping" Playstations was extremely popular. You could get it done for $40 without having to know a lick of hardware.


Your post includes a lot of words, but none of these even attempt to justify your claim that there exists open, uncrackable DRM.


The whole reason I started this thread is that it doesn't currently exist but I think it should.


An open DRM system would die in minutes, because we would just hack it to return its secret key to the user. In any DRM system, something needs to be closed.


And I think invisible pink unicorns should exist, limitations of reality be damned!


The enthusiasm against DRM is mostly based on principle because the technological argument is so uninteresting.

It's also based on the philosophical aspects of DRM.

Everything which digital technologies enables, DRM takes away. Every improvement enabled by new technology, DRM hinders. Everything which digital opens, DRM closes down.

DRM is artificially retro-fitting the limitations of the past into the future for no other sake than benefiting the already rich, with an added cost of taking control away from the people and handing it to the few.

DRM is digital ass backwards and has no place anywhere in this new century.


> the platform is open

Where did you find an open DRM? It sounds oxymoronic.


So the options you are suggesting we have today is either a small number of solutions that take over your devices with God-knows-what but which are using browser plugin system, or solutions that take over your devices with God-knows-what but are using the W3C standard as an API, which leads to a larger number of God-knows-what solutions that do God-knows-what to your computer or has God-knows-what security issues that other form of malware can use.

How is that an improvement, and what does this have to do with a open network with cooperating nodes that any standard compliant software can parse and use?


Does this proposed W3C standard really get us any further away from taking over our devices with god-knows-what secret solutions? After all, the CDM plugins themselves are still proprietary.


I think it's a case of pushing at the margin; exposing more details of the CDM plugins than would otherwise be exposed. Opening the CDM spec is also a design win for reasons that should be obvious to people who've worked on software.

It's been the general trend in web browsers to minimize the permissions you need to give to plugins--I would expect CDM plugins to evolve the same way.


You may be right about minimizing the permissions given to CDM plugins. In the current Chrome dev build, the Widevine CDM plugin is a Pepper plugin, which suggests that it might be sandboxed.

However, DRM has sometimes been very over-reaching. Perhaps the most infamous example of this was the content protection introduced in Windows Vista, which went very deep into the OS. [1] After that, can we really expect that DRM proponents would be satisfied with letting their content "protection" system be a well-behaved, harmless little program inside a sandbox?

[1] http://www.cs.auckland.ac.nz/~pgut001/pubs/vista_cost.html


Being a Pepper plugin doesn't help at all. It's still a black box. It still has full access to your machine. It can not be sandboxed because it's up to the CDM to decide how to validate and how deep to connect to the machine. The CDM will want to control the bits from the time they get delivered to the CDM from the browser, all the way to the monitor with whatever tech the CDM author feels like employing.

Chrome can not validate the code nor the inputs to the code. It's a giant security hole. For all you know some CDM will just implement the blu-ray standard, Java and all. Yep, unsecured code execution.


> It's been the general trend in web browsers to minimize the permissions you need to give to plugins--I would expect CDM plugins to evolve the same way.

DRM need control over the computer for it to ever do anything. Trying to sandbox DRM, is like trying to sandbox anti-virus software. It can't happen, and has never happened before.


If you're going to have that username you're not allowed to use terms like "the economic will of the people".


The real danger, from the W3C's perspective is that people will route around an HTML5 standard that includes DRM. What's the point of writing a standard that is built to fail?


Perhaps we should workd on the economic will of the people..




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: