To: [log in to unmask]
From: richard barbrook <[log in to unmask]>
Subject: Fwd: TidBITS#603/29-Oct-01
Cc: [log in to unmask]
Date: Thu,  8 Nov 2001 01:06:52 +0000 (GMT)


---- Begin Forwarded Text ----

>Date: Mon, 29 Oct 2001 21:00:00 -0800
>From: TidBITS Editors <[log in to unmask]>
>Subject: TidBITS#603/29-Oct-01
>To: [log in to unmask] (TidBITS Distribution)
>Reply-To: "TidBITS Editors" <[log in to unmask]>
>
>TidBITS#603/29-Oct-01
>=====================


>Steal This Essay 2: Why Encryption Doesn't Help
>-----------------------------------------------
>  by Dan Kohn
>
>   "Doveriai no proveriai." (Trust but verify.)
>     - Russian proverb, as quoted by Ronald Reagan
>
>  Even as content becomes a public good, content creators (or at
>  least the publishing and recording industries that claim to
>  represent them) have been led to believe that encryption can
>  protect their revenue streams. As I noted in the first of these
>  essays, they are lambs being led to the slaughter.
>
><http://db.tidbits.com/getbits.acgi?tbart=06604>
>
>  Why is all content becoming a public good? It has realistically
>  been nonrival for some time now, meaning that I can copy your CD
>  of music or software for a few pennies or less, and you are in no
>  way disadvantaged. (Of course, the author of that content may feel
>  quite disadvantaged by this "theft," but as long as I don't
>  scratch your CDs, there's no reason for you to care that I
>  borrowed them for a few minutes.) In fact, the central concept
>  of digitization - converting all content to streams of zeros and
>  ones - entails making it infinitely copyable without any loss of
>  quality, the very essence of nonrival goods.
>
>  What has only become clear in the last couple years (although
>  the Recording Industry Association of America - the RIAA -
>  still has its head in the sand) is that digital content is also
>  nonexcludable. Of course, tens of millions of dollars have been
>  spent on a variety of means to make digital content uncopyable.
>  Supposedly unremovable watermarks are embedded in images to detect
>  copies (e.g., SDMI and Macrovision), content is encrypted so that
>  it can only be viewed through an authorized player (e.g., DVD CSS
>  and Microsoft's and Real Network's digital rights management
>  systems being used in the music industry's Napster competitors,
>  PressPlay and MusicNet), or some form of registration is required
>  for activation (e.g., Office and Windows XP).
>
><http://www.riaa.org/>
><http://www.sdmi.org/>
><http://www.macrovision.com/>
><http://www.dvdcca.org/>
><http://www.pressplay.com/>
><http://www.musicnet.com/>
>
>
>**Encryption Is Ultimately Futile** -- The problem with the
>  security of these approaches is that, as cryptographer Bruce
>  Schneier points out, there are basically only two types of users:
>  regular ones against whom _any_ form of copy protection will work,
>  and experienced hackers, whom _no_ form of technology can stop.
>  Your technophobe mother represents the first category, and your
>  geeky nephew exemplifies the members of the second category. Why
>  can't the hackers be stopped by encryption? If the challenge were
>  just to transfer a file from one point to another without letting
>  someone get to see its contents, encryption is up to the job. But,
>  consumers don't listen to or watch encrypted versions of content.
>  (I have, and it looks like static). They watch the regular,
>  unencrypted version. So, somewhere close to the user, the content
>  must be decrypted. And that decryption process typically runs on a
>  PC, where experienced hackers can watch it work one instruction at
>  a time, and change those instructions to enable the unencrypted
>  content to be copied.
>
>  Phrased differently, as long as the intention is ultimately to
>  deliver the content to the customer (and hopefully even the RIAA
>  is still trying to do that), then it's impossible to stop wily
>  hackers from getting at the content in its unencrypted form and
>  having their way with it. "Trying to secure [digital goods] is
>  like trying to make water not wet," Schneier said recently. "Bits
>  are copyable by definition."
>
>  In early 2000, a 16-year-old in Norway named Jon Johansen was
>  upset because he wanted to be able to play DVD movies in his Linux
>  box's DVD drive, but the movie industry had not authorized any
>  players for Linux. So, working with several anonymous contacts on
>  the Internet, he cracked the copy protection scheme used by all
>  DVDs, enabling them to be played on his machine and, incidentally,
>  to be copied endlessly and perfectly. (The Norwegian police
>  actually confiscated his computer at the request of the Motion
>  Picture Association of America several days after he distributed
>  the code on the Internet, providing a classic example of tardy
>  barn door closing.) More to the point, one could ask what chance
>  any copy protection scheme has, when random 16-year-olds with an
>  Internet connection can succeed in breaking it in their spare
>  time.
>
>  But the news for authors such as myself, who might want to get
>  paid for our work, gets worse. There are many in the music
>  industry who believe that a 98 percent copy protection rate would
>  be just fine, the same way that department stores calculate a
>  presumed level of spoilage (i.e., stolen goods) in their
>  inventories. That works for department stores because their goods
>  are rival, so that even if a few shoplifters get their items for
>  free, everyone else still has to pay. The problem for the RIAA is
>  that nonrival content means crack once, run everywhere. That is,
>  all it takes is one smart hacker to defeat the copy protection
>  schemes for everyone. Then, your nephew can either distribute his
>  hacks in an easy to use format that even your mother can install,
>  or, more directly, he can just distribute the unencrypted content.
>
>
>**Advertising Support?** If content can't be made excludable (and
>  thus easily charged for) via encryption, perhaps there are other
>  ways to build business models around content. What about
>  advertising? After all, broadcast television is essentially
>  nonrival and nonexcludable, and it's financed by advertising.
>  Unfortunately, no. First, as they have become ubiquitous, banner
>  ads have dropped dramatically in effectiveness, as measured by
>  click-through rates, which have fallen from 4 percent to 0.1
>  percent. This is not too surprising, given that most people hate
>  banner ads and do everything to try to ignore them. Ad rates for
>  some large sites have fallen correspondingly from 40 cents per
>  impression to less than 0.1 cents, one of the primary causes of
>  the many new applications of former dot-com employees for
>  Starbucks barista positions.
>
>  And for content providers, the news grows still worse. The
>  downturn in the economy has made it harder, particularly for
>  publications without loyal readers, to attract advertisers, even
>  at the lower ad rates. Then there's software such as WebWasher
>  that automatically detects the banner ads on any given Web page
>  and strips them out, which incidentally causes the page to load
>  faster (just as a 30 minute television sitcom can be viewed in 22
>  minutes without the ads). Ad blocking software replaces the ads
>  that are supposed to be funding the content with blank space,
>  which is what content providers' revenue models are starting to
>  look like. The software is not perfect, but it's getting better
>  and is already effective enough to strike fear into the hearts of
>  content publishers and advertisers.
>
><http://www.webwasher.com/en/products/wwash/functions.htm>
>
>  Even the soap companies that have funded so many years of daytime
>  drama may start reconsidering their advertising budgets over the
>  next decade, as digital video recorders such as TiVo become
>  increasingly common. These enable viewers to have their favorite
>  shows easily stored to a hard drive, where they can be
>  conveniently replayed at the time of the viewer's (rather than the
>  programmer's) convenience. Imagine setting your own viewing
>  schedule rather than having it dictated by snotty network
>  executives in LA and New York. Plus, these devices let you skip
>  right past the commercials with a few clicks of the remote,
>  thereby crumbling the foundations of 50 years of a profitable
>  broadcast industry. New PC-based recorders such as SnapStream even
>  support sharing recorded shows across the Internet, enabling video
>  to take its place next to MP3s on the new peer-to-peer networks
>  that are quickly replacing Napster. Why schedule your evening
>  around a broadcast schedule and sit through brain-numbing
>  commercials, when the show is available whenever you want it with
>  the commercials already edited out? A world full of digital video
>  recorders is one in which the couch potato is liberated from the
>  slings and arrows of network programming (how dare they put that
>  promising new show against Survivor!), and once again is empowered
>  to make real choices about how, when, and what to watch. [For more
>  on TiVo, see Andrew Laurence's two-part article series "TiVo:
>  Freedom Through Time Shifting" and be sure to read the in-depth
>  TidBITS Talk discussion on how personal video recorders are
>  changing advertising. -Adam]
>
><http://www.snapstream.com/>
><http://db.tidbits.com/getbits.acgi?tbser=1204>
><http://db.tidbits.com/getbits.acgi?tlkthrd=1461>
>
>  Are there any categories of content from which individuals can be
>  excluded? Only two that I can see. The first is showing movies at
>  movie theaters. With a significant investment in digital
>  distribution, and an even bigger investment into physical security
>  at the theater, studios should be able to distribute movies
>  without them immediately being copied onto the Internet (but watch
>  out for those 16-year-old projectionist/hackers). The other
>  category would appear to be Web services, where software is split
>  into components that are loosely coupled and distributed across
>  the Internet. Since you're interacting with numerous other
>  computers, your identity can be continually reaffirmed (what
>  Microsoft is planning with Hailstorm), making it nearly impossible
>  to avoid paying. But any software that supports a disconnected
>  mode (such as an operating system), can be easily (by hacker
>  standards) modified so that it no longer "calls home" to ensure
>  authenticity. The registration system for Windows XP was cracked
>  so that running a simple program will remove the requirement for
>  online activation, six months before the software was even
>  released.
>
>  Content won't truly be a pure public good for another ten years or
>  so until broadband home Internet connections are ubiquitous,
>  making it trivial to transfer large files around. But, since the
>  process is already accelerating (Napster began with college
>  students who already have broadband connectivity, and some new
>  peer-to-peer file sharing services are designed explicitly for
>  downloading very large files in the background), it's worth asking
>  why anyone will create content when the old models for getting
>  paid don't work. The answer will have to wait for another essay.
>
>  [Dan Kohn is a General Partner with Skymoon Ventures. His writings
>  are announced through <[log in to unmask]> and can
>  be discussed through <[log in to unmask]>.]
>
><http://www.dankohn.com/>
><http://www.skymoonventures.com/>
>
>
>
>$$
>
> Non-profit, non-commercial publications may reprint articles if
> full credit is given. Others please contact us. We don't guarantee
> accuracy of articles. Caveat lector. Publication, product, and
> company names may be registered trademarks of their companies.
>
> This file is formatted as setext. For more information send email
> to <[log in to unmask]>. A file will be returned shortly.
>
> For information: how to subscribe, where to find back issues,
> and more, email <[log in to unmask]>. TidBITS ISSN 1090-7017.
> Send comments and editorial submissions to: <[log in to unmask]>
> Back issues available at: <http://www.tidbits.com/tb-issues/>
> And: <ftp://ftp.tidbits.com/issues/>
> Full text searching available at: <http://www.tidbits.com/search/>
> -------------------------------------------------------------------
>
---- End Forwarded Text ----

--
         <http://www.hrc.wmin.ac.uk> : <HyperMedia Research Centre>
      <mailto:[log in to unmask]> : <http://www.media.demon.co.uk>

************************************************************************************
Distributed through Cyber-Society-Live [CSL]: CSL is a moderated discussion
list made up of people who are interested in the interdisciplinary academic
study of Cyber Society in all its manifestations.To join the list please visit:
http://www.jiscmail.ac.uk/lists/cyber-society-live.html
*************************************************************************************