Can digital rights management technology stop the unauthorized spread of copyrighted content? Ten years ago this month, four engineers argued that it can’t, forever changing how the world thinks about piracy. Their paper, “The Darknet and the Future of Content Distribution” (available as a .doc 이리) was presented at a security conference in Washington, DC, on November 18, 2002.
By itself, the paper’s clever and provocative argument likely would have earned it a broad readership. But the really remarkable thing about the paper is who wrote it: four engineers at Microsoft whose work many expected to be at the foundation of Microsoft’s future DRM schemes. The paper’s lead author told Ars that the paper’s pessimistic view of Hollywood’s beloved copy protection schemes almost got him fired. But ten years later, its predictions have proved impressively accurate.
The paper predicted that as information technology gets more powerful, it will grow easier and easier for people to share information with each other. Over time, people will assemble themselves into what the authors called the “darknet.” The term encompasses formal peer-to-peer networks such as Napster and BitTorrent, but it also includes other modes of sharing, such as swapping files over a local area network or exchanging USB thumb drives loaded with files.
Once a popular piece of information—say, a movie, a song, or a software title—”leaks” into the darknet, stopping its spread becomes practically impossible. This, the engineers realized, had an important implication: to prevent piracy, digital rights management had to work not just against average users, but against the most tech-savvy users on the planet. It only takes a single user to find a vulnerability in a DRM scheme, strip the protection from the content, and release the unencrypted version to the darknet. Then millions of other users merely need to know how to use ordinary tools such as BitTorrent to get their own copies.
Trusted computing or treacherous computing?
Ars Technica talked to Peter Biddle, the paper’s lead author, last week. The basic premise of the paper came from an e-mail Biddle circulated within Microsoft in the late 1990s. The term “darknet” was coined by co-author Bryan Willman, another Microsoft engineer. Two other Microsoft engineers, Paul England and Marcus Peinado, contributed to it.
At the time they wrote the paper, Biddle and his co-authors were working on Microsoft’s “Trusted Windows” project, an effort to provide hardware-level authentication features that could make PCs resistant to tampering even by those who have physical access and control. The initiative would go under a variety of names, including Palladium, TCPA, and the Next-Generation Secure Computing Base.
Biddle, who now works at Intel but stressed that he was speaking only for himself in our interview, told us that it was a project fraught with political challenges. Inside Microsoft, people bristled at the implication that vanilla Windows was untrustworthy. Outside Microsoft, critics charged that Biddle’s project represented the beginning of the end for the PC as an open platform. They feared that Microsoft would use the technology to exert control over which software could be executed on Windows PCs, freezing out open source operating systems and reducing users’ freedom to run the software of their choice.
One widely discussed application for Biddle’s technology was digital rights management. Building DRM atop an open, general-purpose computing platform is an inherently difficult problem. Every DRM scheme requires distributing encryption keys or other secrets to users’ devices without the users themselves having access to them. But on an open PC, the user has the ability to inspect and modify essentially all data stored on the device, so DRM schemes are inherently insecure.
It was “very challenging for the PC industry to make the same kinds of statements around how secure data could be on the PC compared to closed devices like CE boxes,” Biddle told us. Many hoped (or feared) that a “trusted” computing platform could dramatically improve a DRM scheme’s tamper-resistance by preventing a machine’s owner from inspecting sensitive encryption keys or modifying DRM code. But preventing users from modifying DRM schemes also inherently meant reducing users’ control over the devices they owned. The risk of Microsoft locking down everyone’s PC provoked an online backlash, with critics calling the technology “treacherous computing.”
Biddle says that backlash “took us completely by surprise.” He told us that his team didn’t “realize the level of entrenchment and fear” about the ways Microsoft might misuse the technology. In his view, the public overreacted to what was designed to be an application-agnostic security technology. “A lot of the things that were said about trustworthy computing being treacherous were actually impossible,” he told us.
“I almost got fired”
Biddle says that he and his team realized early on that DRM technology would never succeed in shutting down piracy. He hoped that writing a paper saying so would reassure Microsoft’s critics in the technical community that Redmond wasn’t planning to lock down the PC in order to satisfy Hollywood. And by making it clear that the people behind Microsoft’s “trusted computing” push were not fans of DRM, Biddle hoped he could persuade the technical community to consider other, more benign applications of the technology he was building.
Biddle couldn’t be 너무 candid about the link between his paper and the technology he was building. Explicitly admitting that DRM schemes built on “Trusted Windows” wouldn’t stop piracy might make it harder for Microsoft to persuade content providers to license its products for Microsoft’s technology platforms. Biddle hoped that releasing his paper at a technical security conference would allow him to send a “dog whistle” to the technology community without raising the ire of Hollywood.
It didn’t work out that way. “I almost got fired over the paper,” Biddle told Ars. “It was extremely controversial.” Biddle tried to get buy-in from senior Microsoft executives prior to releasing the paper. But he says they didn’t really understand the paper’s implications—and particularly how it could strain relationships with content companies—until after it was released. Once the paper was released, Microsoft’s got stuck in bureaucratic paralysis. Redmond neither repudiated Biddle’s paper nor allowed him to publicly defend it.
At the same time, “the community we thought would draw a connection never drew the connection,” Biddle said, referring to anti-DRM activists. “Microsoft was taking so much heat around security and trustworthy computing, that I was not allowed to go out and talk about any of this stuff publicly. I couldn’t explain ‘guys, we’re totally on your side. What we want is a program that’s open.'”
A losing battle
While Biddle and his colleagues didn’t succeed in allaying the fears of Palladium’s critics, the paper’s central arguments have held up well. The authors predicted that the emergence of the darknet would produce a technological and legal arms race. They thought content companies and law enforcement would attack those aspects of the darknet that were most centralized, but that the darknet would adapt through greater decentralization. And they predicted that efforts to build secure DRM schemes would continue to fail. All of their predictions have continued to hold true over the last decade.
Both content companies and the US government have pursued increasingly aggressive anti-piracy strategies. The Recording Industry Association of America sued thousands of alleged file-sharers during the last decade, and content companies have sued numerous file-sharing startups out of existence. In 2010, the federal government got into the act, using the powers of the recently passed PRO-IP Act to seize domains and other assets of alleged pirate sites. And they have even begun to arrest key figures in file-sharing networks.
Yet these increased enforcement efforts have barely slowed down the darknet’s momentum. A key development has been the emergence of “locker sites” that host infringing files and “link sites” that provide pointers to those files.
“The thing about the locker and link sites is that they can be very lightweight,” Biddle told us. They are “not that hard to replicate because they are basically a database.” That makes the network as a whole much more robust to law enforcement efforts to shut it down: close down one site and two more pop up in its place.
And while BitTorrent and Megaupload get all the attention, Biddle notes that there are other file-sharing techniques that the government is never going to stop. “Teenagers and twenty-somethings I know routinely will go over to a friend’s house with a terabyte drive to swap stuff,” he said. They choose the “sneakernet” approach less out of fear of liability than because it’s so convenient. “You can have a ton of content on a terabyte drive,” he noted.
Yet the content industry continues to try, and fail, to produce secure DRM schemes. Biddle believes this strategy has proved counterproductive because it inconveniences legitimate customers without stopping piracy.
“I’m now finding that for some kinds of content, the illegal is clearly outperforming legal,” Biddle said. “That blows me away. I pay for premium cable. It’s easier to use BitTorrent to watch 왕좌의 게임. HBO Go is trying very hard to do a good job,” he said, but the user experience just isn’t as good. Because HBO Go is a streaming service, he said, it’s more vulnerable to network congestion than simply downloading the entire episode from the darknet.
I’m a bit surprised that an apparently smart guy like him would be surprised that a paper on the capabilities of the ‘darknet’ would assuage Microsoft’s critics on Palladium/NGSCB/”Trusted Computing”/whatever.
Yes, because of uncontrolled distribution in the background, you can stop the movement of files through peer networks. However, that isn’t actually terribly relevant:
1. Free Software(along with commercially minded ‘we-remember-what-you-did-to-netscape’ pessimists of MS’s market power) people don’t primarily care about whether “trusted computing” can stop kids from swapping burned bieber CDs and warez. They care about whether it can stop you running what you want to run on the hardware you “own”. Can it? Oh yes, yes it can. Not 100% perfectly, but contemporary consoles are getting to the point where hardware attacks are necessary to execute unsigned code, iDevices are spreading the walled garden to the masses, and Microsoft is going all app-store, all the time on their ARM gear. What good is piracy if you can’t buy a computer that will execute your booty?
2. Even if your primary concern is piratical, the “darknet” only saves you as long as vendors are willing to ignore legacy formats. All it takes is one person to crack the DRM and release the plaintext version; but only if available consumer devices will actually accept plaintext. Your ipad, say, will process an anonymous mp3, or h.264 video, so team Hollywood and the RIAA crowd are out of luck; but how about an unsigned .ipa file? Not happening. Even if it is 100% structurally valid, it needs an apple key, or an enterprise key, or a dev key(that matches the hardware it is running on, since those are limited to a set number of devices). You can strip all the DRM you want, you’ll just have some trouble finding hardware to run it on. Windows RT will play the same game with Windows binaries.
That’s the real problem. Yeah, it is impossible to make 100% of DRMed endpoints exfiltration-proof. However, your ability to make 95%+ of endpoints increasingly hostile to anything lacking a trusted DRM signature is constrained only by customer hostility, not by any technological barrier…
fuzzyfuzzyfungus wrote:I’m a bit surprised that an apparently smart guy like him would be surprised that a paper on the capabilities of the ‘darknet’ would assuage Microsoft’s critics on Palladium/NGSCB/”Trusted Computing”/whatever.
Thank you for give me credit for being apparently smart.
This is becoming my favorite comment thread of all time. Bryan! ______ from Disney! Sweet!
I was surprised about it ten years ago. I think my surprise was comically innocent in hindsight, but so was the lack of technical depth applied by some opponents to TWC.fuzzyfuzzyfungus wrote:Free Software(along with commercially minded ‘we-remember-what-you-did-to-netscape’ pessimists of MS’s market power) people don’t primarily care about whether “trusted computing” can stop kids from swapping burned bieber CDs and warez. They care about whether it can stop you running what you want to run on the hardware you “own”. Can it? Oh yes, yes it can. Not 100% perfectly, but contemporary consoles are getting to the point where hardware attacks are necessary to execute unsigned code, iDevices are spreading the walled garden to the masses, and Microsoft is going all app-store, all the time on their ARM gear. What good is piracy if you can’t buy a computer that will execute your booty?
Palladium, as outlined by Seth Schoen at the time (an intelligent analysis that was completely ignored by detractors because it was inconveniently inconsistent with more Luddite views) and now again highlighted by Bryan in his comments wasn’t actually capable of keeping SW from running on a PC.
I know it wasn’t because we designed it to allow anyone to run SW that was protected from the rest of the system. The TPM is a crypto co-processor connected via the LPC bus. It had none of the (totally fabricated) privilege nor control that would let it control what SW runs on the CPU.
As I said at the time – Palladium treated the rest of Windows as a virus. This includes any SW that might want to peek into a protected environment.
Let me repeat this, to be clear: ANYONE COULD RUN AND PROTECT ANY SW ON THE SYSTEM and it would be protected from EVERYONE ELSE.
This meant that yes, Disney could make a video player which protects video files from many (but not all) kinds of attacks. (eg it didn’t protect against Freon, dual-ported memory, or DtoAtoD conversions).
It also meant that you could run SW which protects you, and whatever stuff you choose to put in it, from Disney. There was no single root key model, no trust chain that MSFT controlled, and no god-privilege that would let MSFT or anyone look at protected secrets at runtime.
SW was protected from SW.
Could other people – like Apple – use similar technologies to create systems that won’t run arbitrary code? Of course. But that wasn’t part of our threat model and it wasn’t what we were building.
So why did we do it? Because there’s good to be had in protecting stuff. The darknet creates network effects for stuff that is a global secret in high demand. Lots of stuff in need of protection are not global secrets nor in high demand.fuzzyfuzzyfungus wrote:2. Even if your primary concern is piratical, the “darknet” only saves you as long as vendors are willing to ignore legacy formats. All it takes is one person to crack the DRM and release the plaintext version; but only if available consumer devices will actually accept plaintext. Your ipad, say, will process an anonymous mp3, or h.264 video, so team Hollywood and the RIAA crowd are out of luck; but how about an unsigned .ipa file? Not happening. Even if it is 100% structurally valid, it needs an apple key, or an enterprise key, or a dev key(that matches the hardware it is running on, since those are limited to a set number of devices). You can strip all the DRM you want, you’ll just have some trouble finding hardware to run it on. Windows RT will play the same game with Windows binaries.
I agree that closed systems have those characteristics and I applaud your railing against them. I’d be deeply surprised (again!) to find that you are more committed or passionate than I about the need for open devices that will run and protect arbitrary code.fuzzyfuzzyfungus wrote:That’s the real problem. Yeah, it is impossible to make 100% of DRMed endpoints exfiltration-proof. However, your ability to make 95%+ of endpoints increasingly hostile to anything lacking a trusted DRM signature is constrained only by customer hostility, not by any technological barrier…
When Palladium fell apart we were able to salvage a great drive encryption solution (BitLocker) from its ashes. BitLocker treats all data as equally worthy of protection and by design has to treat the possessor of a PC as a potential attacker. I’m quite proud of that.