Anyone who reads this blog will know that I am no fan of DRM technology. I think it’s a stupid idea that is fundamentally flawed. Security by obscurity is always a bad idea. Every device that can play a HD-DVD has a secret key inside it, including all computers that can play HD-DVD. If one person finds one of these keys then they can remove the DRM from HD-DVD. Basically, the whole system is dependent on these keys remaining secret. This of course won’t happen. So, the MPAA’s system provides a mechanism for disabling all devices that use a compromised key. The idea being, if a key gets out it is not the end of their DRM, they just revoke the key. Slight problem, when a key is revoked all devices that use the key will stop working leaving thousands of very miffed consumers out for the MPAA’s blood!

The cat is out of the bag, a key has gotten out. I have a copy of the key. I’m just an ordinary pleb, if I can get it trivially, so can the bad guys! So, what will the MPAA do? If they revoke the key they will break loads of people’s players and make them very grumpy. If they don’t revoke the key they will be making all their DRM efforts totally null-and-void. The MPAA think they’ve found a third alternative, they are attempting to use their lawyers to magically make the key a secret again and in the process declaring ownership of a number.

[tags]MPAA, DRM, HD-DVD[/tags]

It’s the MPAA’s claim that they own a number that really annoys me. Below is a simple maths question, the answer to this question, is, according to the MPAA, their property!

2 x 6,628,139,443,994,728,825,509,432,950,700,852,320 = ?

I have issues with people claiming ownership of ideas, big issues with people claiming ownership of mathematical equations, but this is a whole new level of insanity. No company has rights over a number! Whether you write the number as binary, decimal, hexadecimal, or indeed any base you like, it makes no difference, it is the same number.

When the MPAA chose to go the DRM route they knew their keys would get out. That’s why they put in the revocation system. However, having received a lot of slack over revoking the key for WinDVD recently it seems to be politically very undesirable for them to revoke this key. So, they have chosen instead to send their lawyers on an impossible mission armed with this ridiculous claim of ownership of an integer. This is a mission that is doomed to failure. As John Gruber so eloquently put it:

I love the way that these MPAA fools think they can turn this key back into a secret using lawyers.

For me this whole incident further proves that DRM cannot work. Key revocation was designed to deal with this situation but it cannot be implemented for practical reasons. No matter how hard their lawyers try, this key cannot be un-published. The choices are to accept that HD-DVD DRM is broken and just get on with life, or to revoke the key and risk a large consumer backlash which could kill the fledgling technology. People will not tolerate regular key revocations. Would you spend a few hundred Euro/Dollars on a player you knew could stop working any day on the whim of the MPAA?

So, I have a very simple question for the MPAA, if you can’t revoke the keys, and you know the keys will be found (which you do because that’s why you added revocation to the technology), what exactly is the point of DRM?