[Vorbis] DRM and Ogg Vorbis ??

[Ken Petty]

Here is a pretty good article I just found that may help about DRM, 
circumvision, etc.
http://www.schneier.com/crypto-gram-0105.html
Ken


The Futility of Digital Copy Prevention

Music, videos, books on the Internet! Freely available to anyone without 
paying! The entertainment industry sees services like Napster as the 
death of its business, and it's using every technical and legal means 
possible to prevail against them. They want to implement widespread copy 
prevention of digital files, so that people can view or listen to 
content on their computer but can't copy or distribute it.

Abstractly, it is an impossible task. All entertainment media on the 
Internet (like everything else on the Internet) is just bits: ones and 
zeros. Bits are inherently copyable, easily and repeatedly. If you have 
a digital file -- text, music, video, or whatever -- you can make as 
many copies of that file as you want, do whatever you want with the 
copies. This is a natural law of the digital world, and makes copying on 
the Internet different from copying Rolex watches or Louis Vuitton luggage.

What the entertainment industry is trying to do is to use technology to 
contradict that natural law. They want a practical way to make copying 
hard enough to save their existing business. But they are doomed to fail.

For these purposes, three kinds of people inhabit the Internet: average 
users, hackers, and professional pirates. Any security measure will work 
against the average users, who are at the mercy of their software. 
Hackers are more difficult to deter. Fifteen years of software copy 
protection has taught us that, with enough motivation, any copy 
protection scheme -- even those based on hardware -- can be broken. The 
professional pirate is even harder to deter; this is someone willing to 
spend considerable money breaking copy protection, cloning manuals and 
anti-counterfeiting tags, even building production plants to 
mass-produce pirated products. If he can make a profit selling the 
hacked software or stolen music, he will defeat the copy protection.

The entertainment industry knows all of this, and tries to build 
solutions that work against average users and most hackers. This fails 
because of a second natural law of the digital world: the ability of 
software to encapsulate skill. A safe that can keep out 99.9% of all 
burglars works, because the safe will rarely encounter a burglar with 
enough skill. But a copy protection scheme with similar characteristics 
will not, because that one-in-a-thousand hacker can encode his break 
into software and then distribute it. Then anyone, even an average user, 
can download the software and use it to defeat the copy protection 
scheme. This is what happened to the DVD industry's Content Scrambling 
System (CSS). This is how computer games with defeated copy protection 
get distributed.

The entertainment industry is responding in two ways. First, it is 
trying to control the users' computers. CSS is an encryption scheme, and 
protects DVDs by encrypting their contents. Breaks do not have to target 
the encryption. Since the software DVD player must decrypt the video 
stream in order to display it, the break attacked the video stream after 
decryption. This is the Achilles' heel of all content protection schemes 
based on encryption: the display device must contain the decryption key 
in order to work.

The solution is to push the decryption out of the computer and into the 
video monitor and speakers. To see how this idea helps, think of a 
dedicated entertainment console: a VCR, a Sega game machine, a CD 
player. The user cannot run software on his CD player. Hence, a copy 
protection scheme built into the CD player is a lot harder to break. The 
entertainment industry is trying to turn your computer into an Internet 
Entertainment Console, where they, not you, have control over your 
hardware and software. The recently announced Copy Protection for 
Recordable Media has this as an end goal. Unfortunately, this only makes 
breaking the scheme harder, not impossible.

The industry's second response is to enlist the legal system. 
Legislation, such as the Digital Millennium Copyright Act (DMCA), made 
it illegal to reverse-engineer copy protection schemes. Programs such as 
the one that broke CSS are illegal to write or distribute under the 
DMCA. This is failing because of a third natural law of the digital 
world: the lack of political boundaries. The DMCA is a U.S. law, and 
does not affect any of the hundreds of other countries on the Internet. 
And while similar laws could be passed in many countries, they would 
never have the global coverage it needs to be successful.

More legal maneuvering is in the works. The entertainment industry is 
now trying to pin liability on Internet service providers. The next 
logical step is to require all digital content to be registered, and to 
make recording and playback equipment without embedded copy protection 
illegal. All in an attempt to do the impossible: to make digital content 
uncopyable.

The end result will be failure. All digital copy protection schemes can 
be broken, and once they are, the breaks will be distributed...law or no 
law. Average users will be able to download these tools from Web sites 
that the laws have no jurisdiction over. Pirated digital content will be 
generally available on the Web. Everyone will have access.

The industry's only solution is to accept the inevitable. Unrestricted 
distribution is a natural law of digital content, and those who figure 
out how to leverage that natural law will make money. There are many 
ways to make money other than charging for a scarce commodity. Radio and 
television are advertiser funded; there is no attempt to charge people 
for each program they watch. The BBC is funded by taxation. Many art 
projects are publicly funded, or funded by patronage. Stock data is 
free, but costs money if you want it immediately. Open source software 
is given away, but users pay for manuals and tech support: charging for 
the relationship. The Grateful Dead became a top-grossing band by 
allowing people to tape their concerts and give away recordings; they 
charged for performances. There are models based on subscription, 
government licensing, marketing tie-ins, and product placement.

Digital files cannot be made uncopyable, any more than water can be made 
not wet. The entertainment industry's two-pronged offensive will have 
far-reaching effects -- its enlistment of the legal system erodes fair 
use and necessitates increased surveillance, and its attempt to turn 
computers into an Internet Entertainment Platform destroys the very 
thing that makes computers so useful -- but will fail in its intent. The 
Internet is not the death of copyright, any more than radio and 
television were. It's just different. We need business models that 
respect the natural laws of the digital world instead of fighting them.

Similar sentiment about the death of the PC:
<http://www.theregister.co.uk/content/2/17419.html>