Jag Venugopal's Blog

April 12, 2010

DRM: Keeping out the good guys

Filed under: Digital Living — Jag @ 10:58 am

Ebook DRM, like any DRM mechanisms, creates a major hindrance to legitimate users. For example, when you buy an ebook:

  • Your PC must be authorized for your account. For Adobe EPUB ebooks, it means you must have the Adobe Digital Editions reader installed and logged in to your Adobe account.
  • You can copy your ebook to another PC only in limited circumstances. In Adobe’s instance, to a total of six computers/devices.
  • Let’s say you bought a Kindle tomorrow, and wanted to convert your legitimately purchased Ebook to the .mobi format. You’re out of luck, because DRM prevents you from making the conversion.
  • Your ebooks can be read only as long as your DRM scheme is still available and supported by the vendor. For example, anyone who purchased music from Sony’s Connect store in the ATRAC format many years ago, can no longer put it on a new PC or convert it to MP3.

The irony is that DRM is easily breakable. Adobe’s ebook DRM is trivially breakable by a pair of scripts available freely on the Internet. I won’t tell you what their names are, and where you can find them. And I certainly won’t condone digital piracy. But the fact of the matter is that would-be pirates don’t even need to know programming to break the DRM: All they need to know is to execute two simple Python scripts.

In anything but the short run, DRM cannot succeed, no matter how cleverly it is implemented. The reason is that each user’s software has within it the decryption key hidden somewhere. (Without the decryption key, you will not be able to decrypt and read the ebook). Two classes of attack are possible: Find the decryption key, and then decrypt all encrypted files (which is what the abovementioned Python scripts do), or capture the files when they have been decrypted by the application for viewing.

There are enlightened publishers (O’Reilly, Pragmatic Press, Zondervan, to name a few) that know the futility of DRM. They are proactively advertising their DRM-free wares, and appealing to users’ nobler motives to prevent piracy. And it might just work… while a DRM’ed book implies that the publisher does not trust its customers, a non-DRM’ed book with an appropriate request establishes trust between the publisher and user. At the very least, the user would feel guilty about passing the digital document on.

From my days in undergraduate and graduate school, I am only too aware of the piracy that occurs when students are not willing to pay for textbooks. In the past, the library photocopy machine was the piracy tool of choice. Now, it is either DRM breaking software, or the print/scan/OCR cycle. One easy way to overcome both is for the school to license the textbooks used for a course, and to build the cost into the tuition. Thus, if a particular MBA course needs six different cases, instead of sending students scurrying over to the bookstore to buy the cases, the school could acquire a license on behalf of the entire class, and work it into the tuition. Students would be free to load the cases into the reader of choice: whether it be paper, Kindle, Sony, Nook or iPad. And there would be no revenue loss to the publisher on account of second-hand sales. 

Using technical solutions to hinder piracy is an unworkable approach. Its time we started looking at other solutions, like the social or economic solutions discussed in the previous two paragraphs.


1 Comment »

  1. Hi,

    I’m an ebook newbie – waiting for my Kindle – and already DRM is pissing me off. It might just be easier to stick with Amazon. Hell, I already buy books there, it’s no hardship.

    My view, though, is that just like a print book, once I’ve paid for an ebook it’s mine, and I should be free to do whatever I like with it short breaching copyright.

    I really don’t see a problem with that.


    Comment by Ron — August 16, 2010 @ 1:32 pm | Reply

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

Blog at WordPress.com.

%d bloggers like this: