One interesting thing about "the lesson of DVD"
is that EFF, in formal comments to the FCC,
argued that the DVD CSS experience shows that
copy controls for "preventing Internet
redistribution" are unimportant -- DVD CSS
has failed to prevent "Internet redistribution"
of DVDs, yet movie studios still eagerly publish
on DVD.
Here the FCC seems to draw precisely the opposite
conclusion from the same experience.
One argument is something like "movie studios
are willing to publish in other environments
in which they have no meaningful ability to
prevent redistribution, so why not this one?"
and the other is something like "movie studios
are willing to accept relatively trivial
security, so the argument that this security
is relatively trivial does not mean movie
studios should consider it undesirable".
I think the effectiveness of the security is far better in practice than we like to admit.
It's another one of my sayings, the difference between "solving a puzzle" and "making a profit".
CSS is a very solved puzzle now. But it's arguably still enough of a barrier to overcome in practice, that it's sufficent to protect profits.
Posted by Seth Finkelstein at November 5, 2003 02:29 AM I think the jury is still out on the
"effectiveness" of CSS. There are a number
of issues at play here aside from the fact
that DVD ripping software is contraband.
First, the ripped MPEG-2 files are quite large
(3 Gig or so). Clearly too large to distribute
over the Internet. So now you've got to
re-encode to DivX, WMV, MPEG-4, etc. But this
process is still fairly slow and painful even
on the fastest PC's today. Now you've got
a 600MB video of somewhat lower quality that
the MPEG-2 original. Still quite large for
transferring over the Internet. Finally,
what do you do with the video once you've
transferred it?? Basically, you can watch
it on your computer -- not terribly compelling.
Compare this to ripping and MP3 encoding
a song from an audio CD. It's fast and
relatively painless. The files are much smaller
and the audio sounds almost identical to most
ears. Further, not only can you play this
on your computer, but you can download to your
portable MP3 player, burn tracks to an audio
CD with cheap/ubiquitous CD burner drives.
Once you've burned a new audio CD, you can listen
to the song on your home stereo system, in
your car, or in a portable audio CD player.
This is far more useful an compelling than
a video downloaded from the Internet.
Right, there are many issues here.
But crucially, some of those issues INTERACT with CSS.
The size of the files means copies can't propagate very easily - which then means that making it difficult, even just slightly, for people to make their own local copies which would be shared over campus LAN's, then WORKS - in that its made the preferred business solution, buying/renting, more convenient.
Again, the effectiveness of CSS shouldn't be taken as a matter of cryptography, but rather a matter of business effect. From that point of view, others factors are supportive, not arguments against it, since CSS and such factors are mutually supportive.
It reminds me of something the SunnComm people were saying, basically, "Do you think we were such morons, such idiots, that nobody in the entire company knew the shift-key disabled autorun?" - and of course the geek answer is "Yes" - but that doesn't reflect what they were thinking.
It's possible the content companies are wrong about the "speedbump" argument - but unfortunately, I suspect they are less wrong than geekdom thinks they are.
Posted by Seth Finkelstein at November 5, 2003 02:34 PMBut this argument is almost tautological. "DVD copy protection worked because the studios have not abandonded DVDs." How to we measure whether the copy protection works? By seeing whether content producers are willing to use the medium. I don't think there is a lesson here that can logically be applied to other media.
The reality is that HDTV broadcasts are going over the air without protection, today. (I actually used an HDTV capture card to watch Toy Story 2 in high definition.) Should we then conclude that there is no need for a broadcast flag because content producers are willing to use the medium without it? Why not?
What annoys me most about the broadcast flag is the mixing of levels. DVD CSS does not require a DVD "reader" to protect the content--- one could build a DVD drive that simply didn't decrypt. The broadcast flag requires affirmative action to interpret. The PCHDTV video card, for example, has no hardware support for interpreting the PMT packets which carry the broadcast flag; it just provides 188-byte MPEG transport stream packets and anything else is up to software. This will no longer be an allowable split in functionality, since raw TS packets over PCI is not an approved interface. Not decrypting CSS is easy. Obeying the broadcast flag is hard.
Posted by Mark Gritter at November 6, 2003 12:28 AMAlthough the CSS copy protection system for DVDs has been "hacked" and circumvention software is available on the Internet, DVDs remain a viable distribution platform for content ownersMusic CDs don't have any copy protection and "remain a viable distribution platform". DVDs would survive even without CSS (And I would be able to watch my movies both at home and at my parents' in France). Posted by dave at November 10, 2003 11:32 AM