Comments on: Can DRM really be ‘elegant’?

By: Steve Jordan

Steve Jordan — Tue, 25 Aug 2009 12:43:43 +0000

A lock that only works once… is a pretty useless lock. It might as well not be there at all, if it’s only going to be opened the moment you buy something, and never re-used. The act of buying the product accomplishes exactly the same thing.

Also, the idea that a credit card number is something people won’t share is not well thought-out. You’re forgetting the people who steal credit card numbers to make purchases, and can then attach that stolen number to any number of DRM’d items. You’re forgetting the number of credit card numbers that change hands when people cancel accounts, and sometimes deliberately when account security is questioned. And finally, you’re forgetting the people who will specifically create a credit card account, use it for a purchase or two and cancel it, then use that CC number for bogus transactions that do not require instant bank-checking for approval.

Credit card numbers are not safe, because they are easily spoofed or stolen. A safer, harder-to-spoof system is what is needed for DRM, and I think a combination of biometric IDs and a way to transfer ownership of single items will eventually provide us with that.

By: borax99 (AlainC.)

borax99 (AlainC.) — Mon, 24 Aug 2009 20:25:17 +0000

So far, I have only run into one DRM scheme that can be called elegant – it’s the one used for the ereader format. Typically, you unlock a purchased ebook once per machine – no limitations on how many machines you can read it on. You unlock the book with your name and credit card number. Very slick, and ultimately fair – I can’t see anyone sharing their credit card info freely on the web…

By: Jan Samzelius

Jan Samzelius — Sun, 23 Aug 2009 02:50:00 +0000

First, full disclosure: I am the CEO of a DRM company. You might find us very different from others. We are currently only focusing on PC games.

Felix – I agree with you that existing solutions are not based on serving the end user. ByteShield is different. Please check out http://www.reclaimyourgame.com/index.php?option=com_content&view=article&id=291&Itemid=108
Also, check out http://forums.theeca.com/showthread.php?t=6446&highlight=byteshield

We have been approached by content companies outside of games. But we are not sure how to make the solution as user friendly as is needed. Please give me suggestions.

Regards,

Jan

By: Felix Torres

Felix Torres — Sat, 22 Aug 2009 13:16:39 +0000

Sure. Digital Rights Management systems can be elegant. All it takes is a thoughfully engineered system focused on end-user needs and a generally accepted set of usage guidelines.
It might be worth pointing that major corporations have been engineering robust and flexible digital content management systems for inhouse use for the last decade or two.
The main problem with the *public* Digital Rights Management systems in use for commercial distribution of content is that to date none has been crafted in anything approaching a rational manner; all have been crafted as top-down, “take what we give you” mandates by content gatekeepers. In the corporate world, user needs, by contrast, are generally balanced against the IT and security depts’ natural paranoia.
It is early in the game for most forms of commercially-distributed digital media and there is still time to avoid the stupid mistakes of the music industry, the poster-children for how *not* to “manage” a transition to digital online distribution.
Truthfully, however, I see no indication the large publishers have any interest in avoiding the mistakes of their studio brethren. They show no interest in crafting a fair, balanced, flexible regime and instead seem almost eager to abdicate their responsibilities to outsiders hoping the issue will go away.
Most curious, really.
They are literally giving away the keys to their (mismanaged) kingdoms.

By: Steve Jordan

Steve Jordan — Sat, 22 Aug 2009 12:25:54 +0000

How “elegant” can a lock and key be? It’s an odd word to use. Since what I imagine he means is a DRM system that is simple, easy and acceptable for public use, I would say yes, it can be done, and I expect “elegant DRM” will be accomplished… in sometime beyond the next 10 years.

It depends on combining a universally-functionable at-the-source ID system (probably biometric), and providing incentives to get people on-board. And it does not have to involve Federalized databases hidden away in Yucca Mountain. The essential tools are actually available now, and in fact it has been done in other industries, so there’s no reason it cannot be accomplished here, given time to get the systems and people together on it. (I’ve made further comments on the subject here… a bit long to post in here, though.)