Back in August, Sun announced it would start with an open source DRM project, confusingly dubbed “Open Media Commons”. The EFF’s Cory Doctorow and Donna Wentworth both pointed out the logical impossibility of the OSS+DRM combo. An interesting quote from Cory’s follow-up post about the issue:
Crypto isn’t about algorithms. Crypto is about threat-models. The threat model for SSL is a third-party eavesdropper. The threat model for DRM is that the intended recipient of the cleartext will gain long-term access to the cleartext.
In the meantime, the Open Media Commons website has gone live (that is, I hadn’t seen it until yesterday), featuring a press release paper about Sun’s own “open standards-based DRM solution”, called DReaM. I had a look at the document, but didn’t quite get what they’re at. Section 1.8 “Security through obscurity” states:
Historically, proprietary end-to-end architectures have relied upon obscurity to avoid being cracked. Such systems are based upon a false foundation of security promises. Such systems have been cracked and will continue to be breached.
That’s correct, but how can Sun’s DRM be any different? The problem with DRM is that it’s built around flawed threat model (cfr. Doctorow) – in any DRM system, recipient Bob and hacker Mallory are one and the same person, making DRM fundamentally different from SSL (although Sun doesn’t seem to think so). In other words, the only way to “secure” a DRM system is by obscuring how you descramble the encoded signal to a more enjoyable form – an approach that, as we know, is prone to hacking.
Applying this on DReaM’s alleged open source aspect, the conclusion is simple: if security can only happen through obscurity, open sourcing the project becomes an impossibility.
Note 1: Prof. Lenz believes open source DRM is possible, but I don’t agree: excluding people who contribute DRM-defeating code to the project may be easy, but nothing (except the law, maybe) stops them from using the project’s source code for creating their own circumvention tools. In other words, you can create an open source DRM, but it will be meaningless, as it will be hacked even faster than closed source DRM systems.
Note 2: as if the words “open” and “commons” aren’t confusing enough (we’re talking about DRM here!), the Open Media Commons frontpage’s “related links” section also links to Creative Commons, making it feel like an affiliate project or something (which I’m sure it’s not). Disturbing.