![]() ![]() ![]() ![]() In practice it may not be quite that immediate, but in the open source case, allowing people to write their own DRM clients which prevent them from copying your rights-protected data would be asking them to be astonishingly honest. If the device's user has full control over it, then clearly in principle this is game over. In the DRM threat model, the owner/user of the device is the attacker, and the rights owner is being defended. Normally, security protects the owner/user of a device from a threat model of external attackers. DRM does not require obscurity of algorithms (which is why OMA DRM is a published standard, and how come the source for an implementation can be published and freely usable), but it does require that the player device have access to information (some kind of key) which the user of the device does not, and which is not part of the algorithm/source. Security through secrecy of information is the only way to do crypto, signing, etc. Security through obscurity of algorithms is usually weak. Security through obscurity does not work, but DRM is not exactly "security" This is incompatible with FOSS, which says that the user of a device should have full control over what it does. The fundamental problem with open-source DRM is that although all of the algorithms and source code can be published without harming the scheme, client devices have to be "trusted" by the rights issuer to respect the rights, i.e. The OMA DRM standard is well-documented, and is (or at least has been) widely-used by the mobile phone industry. I have no experience of this implementation, but a little of OMA DRM, and it seemed at the time to be a workable DRM scheme, as much as any DRM scheme is workable. License is MPL, which is a non-GPL-compatible FOSS license. I assume it contains the software components needed to build the server and client, leaving the hardware as an exercise for the reader: This claims to be an open source implementation of OMA DRM2. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |