Let me tell you a story, boys and girls. Sit back and enjoy.
Once upon a time, a handful of powerful media companies devised a novel way to distribute high quality digital video, packaged onto an easy-to-use five inch disk. The technology was a leap over previous efforts; most people in the know figured that, in time, it would have revolutionary potential.
The problem was that these discs could easily be read by computers, and being digital in nature, could - in theory, anyway - be perfectly copied ad infinitum. Even worse, it was inevitable that someone would eventually figure out how to compress these gigantic video files into something more easily transferrable on the Internet, much like MP3 music files. When that happened, copyright violation would be rampant and uncontrollable.
So these companies came up with another great idea: encrypt the data, and design a software system that tied decryption to verifying specific security codes embedded in the player hardware. Then carefully protect the codes. People could still copy the files, but without the ability to decrypt them, they were useless.
And all was well in the kingdom until some clever people figured out the system and a way around it. And then all hell broke loose.
With all the talk recently about how Blu-ray HD has been cracked, the secret code distributed far and wide, I just thought it’d be useful here to mention that the above story took place in October 1999. It happened with DVD.
Way-back-when, I spent some months in late 1999 and early 2000 working with Openlaw, trying to gather some sort of historical perspective on what exactly happened then. I find it amazing that these companies didn’t think it’d happen again.
DVD also attempted this sort of encryption game. They called their system CSS, and it was a real sticking point especially for two classes of computer user: media pirates (who were tired of MP3 and were already looking to video when everyone was obsessed with Napster), and Linux geeks (who resented not being able to play DVD on their OS without a secret/proprietary regime). For most of 1999, a group of Linux programmers slowly managed to reverse-engineer DVD playback protocols in an effort to build a native driver; the only thing they were missing was the decryption step.
Enter Jon Lech Johansen, aka “DVD Jon”, a Norwegian teenager who - in cooperation with a handful of hackers in Germany - had been working on breaking CSS.
Now despite what has long since descended into folklore as a valiant and successful crusade to bring DVD playback to Linux, I’ve actually talked to many of the principal players involved in this drama, way back when it happened. There was plenty of evidence to suggest that Johansen and his crew didn’t give the first damn about Linux, that they just wanted to crack CSS; when they succeeded and the legal hammer fell, dashing behind the Linux flag won the support of a lot of people and provided an air of respectability to the effort. When these guys realized that they let loose a storm, they released source code. I can’t necessarily say that I wouldn’t have done the same.
Remember, what was about to happen had never happened before.
In the summer of 1999, one of the Johansen crew discovered that one Windows software-based DVD player - the Xing Player - improperly stored its access key in plaintext, rather than in encrypted format. That discovery soon led to the complete unravelling of the whole encryption system, and ultimately to a program called DeCSS. This program copied and decrypted DVD video files into standard MPEG4 files, and Johansen’s group released it out onto the Internet that October.
The moment that happened, DVD security was dead.. but that didn’t stop the paramedics from trying to bring it back. The media companies sent its lawyers out into the field, threatening website owners, threatening anyone working on DVD playback. They figured, if they could just scare a handful of people into submission, the problem would go away.
Wrong.
Less than a week after DeCSS began distribution, the story hit Slashdot. DVD playback! Simple program! Source code! Evil lawyers! Do your part! At the time, Slashdot was by far the widest-read geek news source on the Web, the Digg.com of its day, and when the story hit, well.. it hit big.
Pretty soon, a whole lot of people around the world were distributing DeCSS on free Geocities websites, on mailing lists, on free email responders. On T-shirts, for Chrissakes. Someone on that Slashdot thread dubbed the effort “Whack-a-Mole” - every time the lawyers took one down, a hundred more popped up. Every effort to stop it only threw gasoline on the fire.
And that, my friends, is why today - eight years later - it’s easier to download a movie than it is to drive down to Blockbuster.
So fast-forward to 2007. Blu-Ray has been broken. A security key has been uncovered. It’s begun distribution online. The lawyers descend. The key hits Digg. And now it’s everywhere. In another year, Blu-Ray will be just another cracked format. And, apparently, the media companies never saw this coming. They just don’t grasp that the digital underground doesn’t exist.
Those who refuse to learn from history, eh?
Isn’t it funny how history often repeats itself? I wonder if there’s different motives behind to the seemingly futile attempts at copy protection. In other words, maybe everyone knows there’s a good chance the copy protection will be cracked but it will still hinder some (for a little while) and maybe a few key people in the industry decide they have to walk and talk the “protected” path (at the cost of maybe a mere few million?) to pacify and/or attract others in the industry? For example, hypothetically, say Sony proposes to Studio “X” - release/license our format because one of our bullet points reads: “Stronger encryption than HD-DVD!”?
(Small correction - DVDs use the MPEG2 format, not MPEG4 (which apparently wasn’t even “introduced” until late-1998), so if all DeCSS did was break the encryption, allowing a DVD’s files to be copied, they’d be MPEG2’s.
Left by George on May 21st, 2007
I do think there’s a certain large degree of ass-covering involved.. as usual. Someone, somewhere at Sony, has to report to a 75-year-old technophobe who doesn’t have the tech or math background to understand that DRM is a fatally flawed concept. A Valenti type. And no one wants to be the guy who gets fired for going to the mat arguing that the company should “surrender to pirates” by abandoning the hope. And so the idiot plans continue. If you can’t avoid being stupid, try to avoid looking stupid.
I can’t help but see some parallels to the recent U.S. Congressional hearings on gas prices. There’s a fundamental problem and, like or or not, there’s only one real solution - and it’s the one that no one wants to hear. So instead of directly addressing the problem, lots of people put their fingers in their ears, sing “LA LA LA” real loud and try like hell not to get blamed for the fallout. (I’ll be writing about that soon, once I can get a 10,000-word essay mentally reduced to 1500 words or so.)
And re: MPEG4/MPEG2.. you’re right. It’s obviously been too long since I’ve read a DVD design spec.
Left by Rob on May 21st, 2007