Digital Rights Management: For Better Or For Worse?
Former National Security Agency cryptanalyst Mark Stamp offers his opinions on the current state of digital rights management (DRM).Editors Note: Mark Stamp has spent well over a decade working in computer security. He can neither confirm nor deny that for seven years he was a cryptanalyst at the National Security Agency. However, he can confirm that he recently spent two years designing and developing a DRM product at MediaSnap, Inc., a small Silicon Valley startup company. Currently, Dr. Stamp is enjoying life as a college professor and occasional security consultant. His current research interests are security, networks, algorithms and DRM. Digital rights management, or DRM, is an attempt to maintain "remote control" over digital content. For example, Stephen King might like to sell a new book online (though this is doubtful given his previous online publishing experience). But he might only make one sale, since any purchaser can, with the click of a button, redistribute a perfect digital copy to a large percentage of the population of the earth. To prevent this, Mr. King might like to retain some control--remote control--over what a purchaser can do with his digital book after purchasing it. Standard cryptographic techniques enable secure delivery of the bits, but provide no restriction on their use after delivery. The additional DRM requirements beyond secure delivery are collectively known as "persistent protection", that is, protection that stays with the digital content wherever it goes. In contrast to cryptography, the primary purpose of persistent protection is to protect the content from the intended recipient.
What can it do for (or to) me?